CVE Vulnerabilities

CVE-2013-2148

Published: Jun 07, 2013 | Modified: Feb 13, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
2.1 LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

The fill_event_metadata function in fs/notify/fanotify/fanotify_user.c in the Linux kernel through 3.9.4 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a read operation on the fanotify descriptor.

Affected Software

Name Vendor Start Version End Version
Linux_kernel Linux 3.9.0 3.9.0
Linux_kernel Linux 3.9.2 3.9.2
Linux_kernel Linux 3.9 3.9
Linux_kernel Linux 3.9 3.9
Linux_kernel Linux 3.9 3.9
Linux_kernel Linux 3.9 3.9
Linux_kernel Linux 3.9.3 3.9.3
Linux_kernel Linux * 3.9.4
Linux_kernel Linux 3.9 3.9
Linux_kernel Linux 3.9 3.9
Linux_kernel Linux 3.9 3.9
Linux_kernel Linux 3.9.1 3.9.1

References