CVE-2013-7263

Description

The Linux kernel before 3.12.4 updates certain length values before ensuring that associated data structures have been initialized, which allows local users to obtain sensitive information from kernel stack memory via a (1) recvfrom, (2) recvmmsg, or (3) recvmsg system call, related to net/ipv4/ping.c, net/ipv4/raw.c, net/ipv4/udp.c, net/ipv6/raw.c, and net/ipv6/udp.c.

CVSS Version 2.0

nvd
CVE ID: CVE-2013-7263
Base Score: 4.9
Base Severity: MEDIUM
Vector String:AV:L/AC:L/Au:N/C:C/I:N/A:N

Refrence: NVD

Description​

Description