// For flags

CVE-2013-7446

Ubuntu Security Notice USN-2889-2

Severity Score

5.3
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

4
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls.

Vulnerabilidad de uso después de la liberación de la memoria en net/unix/af_unix.c en el kernel de Linux en versiones anteriores a 4.3.3 permite a usuarios locales eludir los permisos destinados al socket AF_UNIX o provocar una denegación de servicio (panic) a través de llamadas epoll_ctl manipuladas.

It was discovered that a use-after-free vulnerability existed in the AF_UNIX implementation in the Linux kernel. A local attacker could use crafted epoll_ctl calls to cause a denial of service (system crash) or expose sensitive information. It was discovered that the KVM implementation in the Linux kernel did not properly restore the values of the Programmable Interrupt Timer (PIT). A user-assisted attacker in a KVM guest could cause a denial of service in the host (system crash). Various other issues were also addressed.

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
High
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
Low
Availability
High
Attack Vector
Local
Attack Complexity
Medium
Authentication
None
Confidentiality
None
Integrity
Partial
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2015-11-18 CVE Reserved
  • 2015-12-18 CVE Published
  • 2024-08-06 CVE Updated
  • 2024-08-06 First Exploit
  • 2025-07-02 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
CAPEC
References (53)
URL Tag Source
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7d267278a9ece963d77eefec61630223fce08c6c X_refsource_confirm
http://www.openwall.com/lists/oss-security/2015/11/18/16 Mailing List
http://www.securityfocus.com/bid/77638 Vdb Entry
http://www.securitytracker.com/id/1034557 Vdb Entry
https://bugzilla.redhat.com/show_bug.cgi?id=1282688 X_refsource_confirm
https://forums.grsecurity.net/viewtopic.php?f=3&t=4150 X_refsource_misc
https://groups.google.com/forum/#%21topic/syzkaller/3twDUI4Cpm8 X_refsource_confirm
URL Date SRC
http://www.spinics.net/lists/netdev/msg318826.html 2024-08-06
https://lkml.org/lkml/2013/10/14/424 2024-08-06
https://lkml.org/lkml/2014/5/15/532 2024-08-06
https://lkml.org/lkml/2015/9/13/195 2024-08-06
URL Date SRC
URL Date SRC
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00033.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00034.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00035.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00037.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00038.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00039.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00040.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00041.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00042.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00043.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00044.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00045.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00094.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00045.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00017.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00023.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html 2023-11-07
http://www.debian.org/security/2015/dsa-3426 2023-11-07
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.3 2023-11-07
http://www.ubuntu.com/usn/USN-2886-1 2023-11-07
http://www.ubuntu.com/usn/USN-2887-1 2023-11-07
http://www.ubuntu.com/usn/USN-2887-2 2023-11-07
http://www.ubuntu.com/usn/USN-2888-1 2023-11-07
http://www.ubuntu.com/usn/USN-2889-1 2023-11-07
http://www.ubuntu.com/usn/USN-2889-2 2023-11-07
http://www.ubuntu.com/usn/USN-2890-1 2023-11-07
http://www.ubuntu.com/usn/USN-2890-2 2023-11-07
http://www.ubuntu.com/usn/USN-2890-3 2023-11-07
https://github.com/torvalds/linux/commit/7d267278a9ece963d77eefec61630223fce08c6c 2023-11-07
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Linux
Search vendor "Linux"
 Linux Kernel
Search vendor "Linux" for product "Linux Kernel"
 <= 4.3.2
Search vendor "Linux" for product "Linux Kernel" and version " <= 4.3.2"
-
Affected