NVD

Id
41488  
Name
CVE-2013-6432  
Description
The ping_recvmsg function in net/ipv4/ping.c in the Linux kernel before 3.12.4 does not properly interact with read system calls on ping sockets, which allows local users to cause a denial of service (NULL pointer dereference and system crash) by leveraging unspecified privileges to execute a crafted application.  
Reject
 
CVSS Version
2  
CVSS Score
4.6  
Severity
Medium  
CVSS Base Score
4.6  
CVSS Impact Subscore
6.9  
CVSS Exploit Subscore
3.1  
CVSS Vector
(AV:L/AC:L/Au:S/C:N/I:N/A:C)  
Pub Date
2017-01-18  
Published
2013-12-09  
Modified Date
2014-03-05  
Seq
2013-6432  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
209641 41488 CVE-2013-6432 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=cf970c002d270c36202bd5b9c2804d3097a52da0  View
209642 41488 CVE-2013-6432 openSUSE-SU-2014:0205  View
209643 41488 CVE-2013-6432 http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.4  View
209644 41488 CVE-2013-6432 [oss-security] 20131206 Re: CVE request: Kernel: ping: NULL pointer dereference on write to msg_name  View
209645 41488 CVE-2013-6432 USN-2113-1  View
209646 41488 CVE-2013-6432 USN-2117-1  View
209647 41488 CVE-2013-6432 https://bugzilla.redhat.com/show_bug.cgi?id=1039046  View
209648 41488 CVE-2013-6432 https://github.com/torvalds/linux/commit/cf970c002d270c36202bd5b9c2804d3097a52da0  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
23920 JVNDB-2013-005495 Linux Kernel の net/ipv4/ping.c の ping_recvmsg 関数におけるサービス運用妨害 (DoS) の脆弱性 Linux Kernel の net/ipv4/ping.c の ping_recvmsg 関数は、ping ソケット上の read システムコールを適切に対話処理しないため、サービス運用妨害 (NULL ポインタデリファレンスおよびシステムクラッシュ) 状態にされる脆弱性が存在します。 CVE-2013-6432 66374 CVE-2013-6432 41488 4.6 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-005495.html 2013-12-08 2013-12-16 View