|Main Archive Page > Month Archives > ubuntu-hardened archives|
I would like to know if CVE-2013-1773 vulnerability is fixed
in e.g. 3.2.0-38 kernel (Ubuntu 12.04)? I'm asking because this issue
(buffer overflow) was found in Linux kernels before 3.3.
This problem allows "*local users to gain privileges or cause
a denial of service (system crash) via a VFAT write operation
on a filesystem with the utf8 mount option, which is not properly
handled during UTF-8 to UTF-16 conversion*."
On a system where disk/images can be auto-mounted or a FAT
filesystem is mounted, then unprivileged user can gain root
privileges. So, is it fixed?
-- ubuntu-hardened mailing list firstname.lastname@example.org https://lists.ubuntu.com/mailman/listinfo/ubuntu-hardened