Candidate: CVE-2013-1828
PublicDate: 2013-03-22 11:59:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1828
 http://www.openwall.com/lists/oss-security/2013/03/08/2
 https://twitter.com/grsecurity/status/309805924749541376
 http://grsecurity.net/~spender/sctp.c
Description:
 The sctp_getsockopt_assoc_stats function in net/sctp/socket.c in the Linux
 kernel before 3.8.4 does not validate a size value before proceeding to a
 copy_from_user operation, which allows local users to gain privileges via a
 crafted application that contains an SCTP_GET_ASSOC_STATS getsockopt system
 call.
Ubuntu-Description:
Notes:
 seth-arnold> reproducer did nothing on my amd64 precise, quantal, raring VMs
Bugs:
 https://launchpad.net/bugs/1152791
Priority: high
Discovered-by: 
Assigned-to: 
CVSS: 

Patches_linux:
 break-fix: 196d67593439b03088913227093e374235596e33 726bc6b092da4c093eb74d13c07184b18c1af0f1
upstream_linux: released (3.9~rc2)
hardy_linux: not-affected
lucid_linux: not-affected
oneiric_linux: not-affected
precise_linux: not-affected
quantal_linux: not-affected
devel_linux: not-affected (3.8.0-13.22)

Patches_linux-ec2:
upstream_linux-ec2: released (3.9~rc2)
hardy_linux-ec2: DNE
lucid_linux-ec2: not-affected
oneiric_linux-ec2: DNE
precise_linux-ec2: DNE
quantal_linux-ec2: DNE
devel_linux-ec2: DNE

Patches_linux-mvl-dove:
upstream_linux-mvl-dove: released (3.9~rc2)
hardy_linux-mvl-dove: DNE
lucid_linux-mvl-dove: ignored (reached end-of-life)
oneiric_linux-mvl-dove: DNE
precise_linux-mvl-dove: DNE
quantal_linux-mvl-dove: DNE
devel_linux-mvl-dove: DNE

Patches_linux-ti-omap4:
upstream_linux-ti-omap4: released (3.9~rc2)
hardy_linux-ti-omap4: DNE
lucid_linux-ti-omap4: DNE
oneiric_linux-ti-omap4: not-affected
precise_linux-ti-omap4: not-affected
quantal_linux-ti-omap4: not-affected
devel_linux-ti-omap4: not-affected

Patches_linux-lts-backport-maverick:
upstream_linux-lts-backport-maverick: released (3.9~rc2)
hardy_linux-lts-backport-maverick: DNE
lucid_linux-lts-backport-maverick: ignored (reached end-of-life)
oneiric_linux-lts-backport-maverick: DNE
precise_linux-lts-backport-maverick: DNE
quantal_linux-lts-backport-maverick: DNE
devel_linux-lts-backport-maverick: DNE

Patches_linux-fsl-imx51:
upstream_linux-fsl-imx51: released (3.9~rc2)
hardy_linux-fsl-imx51: DNE
lucid_linux-fsl-imx51: ignored (reached end-of-life, does not affect buildd)
oneiric_linux-fsl-imx51: DNE
precise_linux-fsl-imx51: DNE
quantal_linux-fsl-imx51: DNE
devel_linux-fsl-imx51: DNE

Patches_linux-lts-backport-oneiric:
upstream_linux-lts-backport-oneiric: released (3.9~rc2)
hardy_linux-lts-backport-oneiric: DNE
lucid_linux-lts-backport-oneiric: not-affected
oneiric_linux-lts-backport-oneiric: DNE
precise_linux-lts-backport-oneiric: DNE
quantal_linux-lts-backport-oneiric: DNE
devel_linux-lts-backport-oneiric: DNE

Patches_linux-linaro-omap:
upstream_linux-linaro-omap: released (3.9~rc2)
hardy_linux-linaro-omap: DNE
lucid_linux-linaro-omap: DNE
oneiric_linux-linaro-omap: ignored (abandoned)
precise_linux-linaro-omap: ignored (abandoned)
quantal_linux-linaro-omap: ignored (abandoned)
devel_linux-linaro-omap: ignored (abandoned)

Patches_linux-linaro-shared:
upstream_linux-linaro-shared: released (3.9~rc2)
hardy_linux-linaro-shared: DNE
lucid_linux-linaro-shared: DNE
oneiric_linux-linaro-shared: ignored (abandoned)
precise_linux-linaro-shared: ignored (abandoned)
quantal_linux-linaro-shared: ignored (abandoned)
devel_linux-linaro-shared: ignored (abandoned)

Patches_linux-linaro-vexpress:
upstream_linux-linaro-vexpress: released (3.9~rc2)
hardy_linux-linaro-vexpress: DNE
lucid_linux-linaro-vexpress: DNE
oneiric_linux-linaro-vexpress: ignored (abandoned)
precise_linux-linaro-vexpress: ignored (abandoned)
quantal_linux-linaro-vexpress: ignored (abandoned)
devel_linux-linaro-vexpress: ignored (abandoned)

Patches_linux-qcm-msm:
upstream_linux-qcm-msm: released (3.9~rc2)
hardy_linux-qcm-msm: DNE
lucid_linux-qcm-msm: ignored (abandoned)
oneiric_linux-qcm-msm: ignored (abandoned)
precise_linux-qcm-msm: ignored (abandoned)
quantal_linux-qcm-msm: ignored (abandoned)
devel_linux-qcm-msm: ignored (abandoned)

Tags_linux-armadaxp: not-ue
Patches_linux-armadaxp:
upstream_linux-armadaxp: released (3.9~rc2)
hardy_linux-armadaxp: DNE
lucid_linux-armadaxp: DNE
oneiric_linux-armadaxp: DNE
precise_linux-armadaxp: not-affected
quantal_linux-armadaxp: not-affected
devel_linux-armadaxp: DNE

Patches_linux-lts-quantal:
upstream_linux-lts-quantal: released (3.9~rc2)
hardy_linux-lts-quantal: DNE
lucid_linux-lts-quantal: DNE
oneiric_linux-lts-quantal: DNE
precise_linux-lts-quantal: not-affected
quantal_linux-lts-quantal: DNE
devel_linux-lts-quantal: DNE