Back to search
CVE-2013-7446
Published: Dec 28, 2015
Modified: Aug 6, 2024
PUBLISHED
Description
Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
SUSE-SU-2016:0750
vendor-advisory
x_refsource_SUSE
https://groups.google.com/forum/#%21topic/syzkaller/3twDUI4Cpm8
x_refsource_CONFIRM
1034557
vdb-entry
x_refsource_SECTRACK
SUSE-SU-2016:2010
vendor-advisory
x_refsource_SUSE
SUSE-SU-2016:2011
vendor-advisory
x_refsource_SUSE
SUSE-SU-2016:2003
vendor-advisory
x_refsource_SUSE
SUSE-SU-2016:0751
vendor-advisory
x_refsource_SUSE
SUSE-SU-2016:0747
vendor-advisory
x_refsource_SUSE
SUSE-SU-2016:0755
vendor-advisory
x_refsource_SUSE
SUSE-SU-2016:1994
vendor-advisory
x_refsource_SUSE
USN-2887-2
vendor-advisory
x_refsource_UBUNTU
https://forums.grsecurity.net/viewtopic.php?f=3&t=4150
x_refsource_MISC
SUSE-SU-2016:0757
vendor-advisory
x_refsource_SUSE
SUSE-SU-2016:1961
vendor-advisory
x_refsource_SUSE
SUSE-SU-2016:2001
vendor-advisory
x_refsource_SUSE
[netdev] 20150304 [PATCH net] af_unix: don't poll dead peers
mailing-list
x_refsource_MLIST
SUSE-SU-2016:0753
vendor-advisory
x_refsource_SUSE
USN-2886-1
vendor-advisory
x_refsource_UBUNTU
USN-2887-1
vendor-advisory
x_refsource_UBUNTU
USN-2890-3
vendor-advisory
x_refsource_UBUNTU
SUSE-SU-2016:2006
vendor-advisory
x_refsource_SUSE
USN-2889-1
vendor-advisory
x_refsource_UBUNTU
SUSE-SU-2016:2014
vendor-advisory
x_refsource_SUSE
openSUSE-SU-2016:1641
vendor-advisory
x_refsource_SUSE
USN-2889-2
vendor-advisory
x_refsource_UBUNTU
SUSE-SU-2016:0746
vendor-advisory
x_refsource_SUSE
[linux-kernel] 20150913 List corruption on epoll_ctl(EPOLL_CTL_DEL) an AF_UNIX socket
mailing-list
x_refsource_MLIST
SUSE-SU-2016:0749
vendor-advisory
x_refsource_SUSE
SUSE-SU-2016:1102
vendor-advisory
x_refsource_SUSE
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.3
x_refsource_CONFIRM
77638
vdb-entry
x_refsource_BID
SUSE-SU-2016:2009
vendor-advisory
x_refsource_SUSE
SUSE-SU-2016:2005
vendor-advisory
x_refsource_SUSE
SUSE-SU-2016:2007
vendor-advisory
x_refsource_SUSE
SUSE-SU-2016:2074
vendor-advisory
x_refsource_SUSE
USN-2890-2
vendor-advisory
x_refsource_UBUNTU
https://bugzilla.redhat.com/show_bug.cgi?id=1282688
x_refsource_CONFIRM
SUSE-SU-2016:2000
vendor-advisory
x_refsource_SUSE
SUSE-SU-2016:0745
vendor-advisory
x_refsource_SUSE
DSA-3426
vendor-advisory
x_refsource_DEBIAN
SUSE-SU-2016:1995
vendor-advisory
x_refsource_SUSE
SUSE-SU-2016:2002
vendor-advisory
x_refsource_SUSE
[linux-kernel] 20131014 Re: epoll oops.
mailing-list
x_refsource_MLIST
SUSE-SU-2016:0756
vendor-advisory
x_refsource_SUSE
USN-2890-1
vendor-advisory
x_refsource_UBUNTU
SUSE-SU-2016:0754
vendor-advisory
x_refsource_SUSE
SUSE-SU-2016:0752
vendor-advisory
x_refsource_SUSE
USN-2888-1
vendor-advisory
x_refsource_UBUNTU
SUSE-SU-2016:0911
vendor-advisory
x_refsource_SUSE
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now