CVE-2013-6282

Priority
Medium
Description
The (1) get_user and (2) put_user API functions in the Linux kernel before
3.5.5 on the v6k and v7 ARM platforms do not validate certain addresses,
which allows attackers to read or modify the contents of arbitrary kernel
memory locations via a crafted application, as exploited in the wild
against Android devices in October and November 2013.
Ubuntu-Description
Catalin Marinas reported a flaw in the get_user and put_user API functions
in the Linux kernel on ARM platforms. An unprivileged local user could
exploit this flaw to gain administrator privileges.
References
Bugs
Package
Upstream:released (3.6~rc6)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):released (3.2.0-1629.41)
Ubuntu 12.10 (Quantal Quetzal):not-affected (3.5.0-1603.5)
Ubuntu 13.10 (Saucy Salamander):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:released (3.6~rc6)
Ubuntu 10.04 LTS (Lucid Lynx):ignored
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.10 (Saucy Salamander):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:released (3.6~rc6)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.10 (Saucy Salamander):ignored
Ubuntu 14.04 LTS (Trusty Tahr):needs-triage
Package
Upstream:released (3.6~rc6)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):ignored (abandoned)
Ubuntu 12.10 (Quantal Quetzal):ignored (abandoned)
Ubuntu 13.10 (Saucy Salamander):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:released (3.6~rc6)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):ignored (abandoned)
Ubuntu 12.10 (Quantal Quetzal):ignored (abandoned)
Ubuntu 13.10 (Saucy Salamander):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:released (3.6~rc6)
Ubuntu 10.04 LTS (Lucid Lynx):ignored (abandoned)
Ubuntu 12.04 LTS (Precise Pangolin):ignored (abandoned)
Ubuntu 12.10 (Quantal Quetzal):ignored (abandoned)
Ubuntu 13.10 (Saucy Salamander):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:released (3.6~rc6)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.10 (Saucy Salamander):ignored
Ubuntu 14.04 LTS (Trusty Tahr):needs-triage
Package
Upstream:released (3.6~rc6)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):not-affected (3.5.0-18.29~precise1)
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.10 (Saucy Salamander):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Patches:
Package
Upstream:released (3.6~rc6)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.10 (Saucy Salamander):DNE
Ubuntu 14.04 LTS (Trusty Tahr):needed
Package
Upstream:released (3.6~rc6)
Ubuntu 10.04 LTS (Lucid Lynx):ignored (reached end-of-life)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.10 (Saucy Salamander):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:released (3.6~rc6)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.10 (Saucy Salamander):ignored
Ubuntu 14.04 LTS (Trusty Tahr):needed
Package
Upstream:released (3.6~rc6)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):not-affected (3.11.0-13.20~precise2)
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.10 (Saucy Salamander):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (3.6~rc6)
Ubuntu 10.04 LTS (Lucid Lynx):ignored
Ubuntu 12.04 LTS (Precise Pangolin):not-affected (arm only)
Ubuntu 12.10 (Quantal Quetzal):not-affected (3.5.0-17.26)
Ubuntu 13.10 (Saucy Salamander):not-affected (3.9.0-0.2)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (3.11.0-12.19)
Patches:
Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2Fixed by 8404663f81d212918ff85f493649a7991209fa04
Package
Upstream:released (3.6~rc6)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.10 (Saucy Salamander):ignored
Ubuntu 14.04 LTS (Trusty Tahr):needed
Package
Upstream:released (3.6~rc6)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):released (3.2.0-1442.61)
Ubuntu 12.10 (Quantal Quetzal):not-affected (3.5.0-213.20)
Ubuntu 13.10 (Saucy Salamander):not-affected (3.5.0-223.34)
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:released (3.6~rc6)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):ignored (abandoned)
Ubuntu 12.10 (Quantal Quetzal):ignored (abandoned)
Ubuntu 13.10 (Saucy Salamander):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:released (3.6~rc6)
Ubuntu 10.04 LTS (Lucid Lynx):ignored (reached end-of-life, does not affect buildd)
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.10 (Saucy Salamander):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:released (3.6~rc6)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):not-affected (3.8.0-19.30~precise1)
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.10 (Saucy Salamander):DNE
Ubuntu 14.04 LTS (Trusty Tahr):DNE
Package
Upstream:released (3.6~rc6)
Ubuntu 10.04 LTS (Lucid Lynx):DNE
Ubuntu 12.04 LTS (Precise Pangolin):DNE
Ubuntu 12.10 (Quantal Quetzal):DNE
Ubuntu 13.10 (Saucy Salamander):ignored
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (3.4.0-5.22)
More Information

Valid XHTML 1.0 Strict

Updated: 2014-02-20 21:14:28 UTC (commit 7762)