JVN/CVE Demo: Cveinfos

CVE

Id: 67393
CVE No.: CVE-2013-7446
Status: Candidate
Description: Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls.
Phase: Assigned (20151118)
Votes: None (candidate not yet proposed)
Comments

Actions

Related CVE References

Id	CVE Id	CVE No.	Reference	Actions
649743	67393	CVE-2013-7446	MLIST:[linux-kernel] 20131014 Re: epoll oops.	View
649744	67393	CVE-2013-7446	URL:https://lkml.org/lkml/2013/10/14/424	View
649745	67393	CVE-2013-7446	MLIST:[linux-kernel] 20140515 eventpoll __list_del_entry corruption (was: perf: use after free in perf_remove_from_context)	View
649746	67393	CVE-2013-7446	URL:https://lkml.org/lkml/2014/5/15/532	View
649747	67393	CVE-2013-7446	MLIST:[linux-kernel] 20150913 List corruption on epoll_ctl(EPOLL_CTL_DEL) an AF_UNIX socket	View
649748	67393	CVE-2013-7446	URL:https://lkml.org/lkml/2015/9/13/195	View
649749	67393	CVE-2013-7446	MLIST:[netdev] 20150304 [PATCH net] af_unix: don"t poll dead peers	View
649750	67393	CVE-2013-7446	URL:http://www.spinics.net/lists/netdev/msg318826.html	View
649751	67393	CVE-2013-7446	MLIST:[oss-security] 20151118 Re: CVE request - Linux kernel - Unix sockets use after free - peer_wait_queue prematurely freed	View
649752	67393	CVE-2013-7446	URL:http://www.openwall.com/lists/oss-security/2015/11/18/16	View
649753	67393	CVE-2013-7446	MISC:https://forums.grsecurity.net/viewtopic.php?f=3&t=4150	View
649754	67393	CVE-2013-7446	CONFIRM:http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7d267278a9ece963d77eefec61630223fce08c6c	View
649755	67393	CVE-2013-7446	CONFIRM:http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.3	View
649756	67393	CVE-2013-7446	CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=1282688	View
649757	67393	CVE-2013-7446	CONFIRM:https://github.com/torvalds/linux/commit/7d267278a9ece963d77eefec61630223fce08c6c	View
649758	67393	CVE-2013-7446	CONFIRM:https://groups.google.com/forum/#!topic/syzkaller/3twDUI4Cpm8	View
649759	67393	CVE-2013-7446	DEBIAN:DSA-3426	View
649760	67393	CVE-2013-7446	URL:http://www.debian.org/security/2015/dsa-3426	View
649761	67393	CVE-2013-7446	SUSE:openSUSE-SU-2016:1641	View
649762	67393	CVE-2013-7446	URL:http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html	View
649763	67393	CVE-2013-7446	SUSE:SUSE-SU-2016:2000	View
649764	67393	CVE-2013-7446	URL:http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html	View
649765	67393	CVE-2013-7446	SUSE:SUSE-SU-2016:2001	View
649766	67393	CVE-2013-7446	URL:http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html	View
649767	67393	CVE-2013-7446	SUSE:SUSE-SU-2016:2002	View
649768	67393	CVE-2013-7446	URL:http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html	View
649769	67393	CVE-2013-7446	SUSE:SUSE-SU-2016:2003	View
649770	67393	CVE-2013-7446	URL:http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00017.html	View
649771	67393	CVE-2013-7446	SUSE:SUSE-SU-2016:2006	View
649772	67393	CVE-2013-7446	URL:http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html	View
649773	67393	CVE-2013-7446	SUSE:SUSE-SU-2016:2007	View
649774	67393	CVE-2013-7446	URL:http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html	View
649775	67393	CVE-2013-7446	SUSE:SUSE-SU-2016:2010	View
649776	67393	CVE-2013-7446	URL:http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html	View
649777	67393	CVE-2013-7446	SUSE:SUSE-SU-2016:2011	View
649778	67393	CVE-2013-7446	URL:http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00023.html	View
649779	67393	CVE-2013-7446	SUSE:SUSE-SU-2016:1961	View
649780	67393	CVE-2013-7446	URL:http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html	View
649781	67393	CVE-2013-7446	SUSE:SUSE-SU-2016:1994	View
649782	67393	CVE-2013-7446	URL:http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html	View
649783	67393	CVE-2013-7446	SUSE:SUSE-SU-2016:1995	View
649784	67393	CVE-2013-7446	URL:http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html	View
649785	67393	CVE-2013-7446	SUSE:SUSE-SU-2016:2005	View
649786	67393	CVE-2013-7446	URL:http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html	View
649787	67393	CVE-2013-7446	SUSE:SUSE-SU-2016:2009	View
649788	67393	CVE-2013-7446	URL:http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html	View
649789	67393	CVE-2013-7446	SUSE:SUSE-SU-2016:2014	View
649790	67393	CVE-2013-7446	URL:http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html	View
649791	67393	CVE-2013-7446	SUSE:SUSE-SU-2016:2074	View
649792	67393	CVE-2013-7446	URL:http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html	View
649793	67393	CVE-2013-7446	SUSE:SUSE-SU-2016:0911	View
649794	67393	CVE-2013-7446	URL:http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html	View
649795	67393	CVE-2013-7446	SUSE:SUSE-SU-2016:1102	View
649796	67393	CVE-2013-7446	URL:http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html	View
649797	67393	CVE-2013-7446	SUSE:SUSE-SU-2016:0745	View
649798	67393	CVE-2013-7446	URL:http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00033.html	View
649799	67393	CVE-2013-7446	SUSE:SUSE-SU-2016:0746	View
649800	67393	CVE-2013-7446	URL:http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00034.html	View
649801	67393	CVE-2013-7446	SUSE:SUSE-SU-2016:0747	View
649802	67393	CVE-2013-7446	URL:http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00035.html	View
649803	67393	CVE-2013-7446	SUSE:SUSE-SU-2016:0749	View
649804	67393	CVE-2013-7446	URL:http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00037.html	View
649805	67393	CVE-2013-7446	SUSE:SUSE-SU-2016:0750	View
649806	67393	CVE-2013-7446	URL:http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00038.html	View
649807	67393	CVE-2013-7446	SUSE:SUSE-SU-2016:0751	View
649808	67393	CVE-2013-7446	URL:http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00039.html	View
649809	67393	CVE-2013-7446	SUSE:SUSE-SU-2016:0752	View
649810	67393	CVE-2013-7446	URL:http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00040.html	View
649811	67393	CVE-2013-7446	SUSE:SUSE-SU-2016:0753	View
649812	67393	CVE-2013-7446	URL:http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00041.html	View
649813	67393	CVE-2013-7446	SUSE:SUSE-SU-2016:0754	View
649814	67393	CVE-2013-7446	URL:http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00042.html	View
649815	67393	CVE-2013-7446	SUSE:SUSE-SU-2016:0755	View
649816	67393	CVE-2013-7446	URL:http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00043.html	View
649817	67393	CVE-2013-7446	SUSE:SUSE-SU-2016:0756	View
649818	67393	CVE-2013-7446	URL:http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00044.html	View
649819	67393	CVE-2013-7446	SUSE:SUSE-SU-2016:0757	View
649820	67393	CVE-2013-7446	URL:http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00045.html	View
649821	67393	CVE-2013-7446	UBUNTU:USN-2886-1	View
649822	67393	CVE-2013-7446	URL:http://www.ubuntu.com/usn/USN-2886-1	View
649823	67393	CVE-2013-7446	UBUNTU:USN-2887-1	View
649824	67393	CVE-2013-7446	URL:http://www.ubuntu.com/usn/USN-2887-1	View
649825	67393	CVE-2013-7446	UBUNTU:USN-2887-2	View
649826	67393	CVE-2013-7446	URL:http://www.ubuntu.com/usn/USN-2887-2	View
649827	67393	CVE-2013-7446	UBUNTU:USN-2888-1	View
649828	67393	CVE-2013-7446	URL:http://www.ubuntu.com/usn/USN-2888-1	View
649829	67393	CVE-2013-7446	UBUNTU:USN-2889-1	View
649830	67393	CVE-2013-7446	URL:http://www.ubuntu.com/usn/USN-2889-1	View
649831	67393	CVE-2013-7446	UBUNTU:USN-2889-2	View
649832	67393	CVE-2013-7446	URL:http://www.ubuntu.com/usn/USN-2889-2	View
649833	67393	CVE-2013-7446	UBUNTU:USN-2890-1	View
649834	67393	CVE-2013-7446	URL:http://www.ubuntu.com/usn/USN-2890-1	View
649835	67393	CVE-2013-7446	UBUNTU:USN-2890-2	View
649836	67393	CVE-2013-7446	URL:http://www.ubuntu.com/usn/USN-2890-2	View
649837	67393	CVE-2013-7446	UBUNTU:USN-2890-3	View
649838	67393	CVE-2013-7446	URL:http://www.ubuntu.com/usn/USN-2890-3	View
649839	67393	CVE-2013-7446	BID:77638	View
649840	67393	CVE-2013-7446	URL:http://www.securityfocus.com/bid/77638	View
649841	67393	CVE-2013-7446	SECTRACK:1034557	View

Message	Memory use
Component initialization	1.39 MB
Controller action start	1.49 MB
Controller render start	2.41 MB
View render complete	2.98 MB

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	2.74
Event: Controller.initialize	0.02
Event: Controller.startup	0.06
Controller action	398.47
Event: Controller.beforeRender	5.03
» Processing toolbar data	4.94
Rendering View	27.53
» Event: View.beforeRender	0.02
» Rendering APP/View/Cveinfos/view.ctp	26.40
» Event: View.afterRender	0.02
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	0.64
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.09
Event: View.afterLayout	0.00

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/cveinfos/view/67393
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/cveinfos/view/67393
Remote Port	1535
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.104
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.1.95.84
Http Via	1.1 squid-proxy-5b5d847c96-t9wdc (squid/6.10)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http Cookie	advanced-frontend=g6q73lqm9q369l2ootagqa9ni2
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	216.73.216.104
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.104
Unique Id	aEXMVkdkG7t3jElMTgonDwAAAf8
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect X Dostranslated Ip	216.73.216.104
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.104
Redirect Unique Id	aEXMVkdkG7t3jElMTgonDwAAAf8
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect X Dostranslated Ip	216.73.216.104
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.104
Redirect Redirect Unique Id	aEXMVkdkG7t3jElMTgonDwAAAf8
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1749404758.478
Request Time	1749404758

CVE

Actions

Related CVE References

Related JVN

Request History

Session

Request

Cake Params

Post data

Query string

Cookie

Current Route

Sql Logs

default

Memory

Timers

Logs

View Variables

App Constants

CakePHP Constants

PHP Environment

Included Files

Include Paths

Included Files