849023 – (CVE-2013-4513) VUL-1: CVE-2013-4513: kernel: staging/ozwpan: buffer overflow in write syscall

Bug 849023 (CVE-2013-4513) - VUL-1: CVE-2013-4513: kernel: staging/ozwpan: buffer overflow in write syscall

Summary: VUL-1: CVE-2013-4513: kernel: staging/ozwpan: buffer overflow in write syscall

Status:	VERIFIED FIXED
Duplicates (1):	CVE-2013-6379 (view as bug list)

Alias:	CVE-2013-4513

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assignee:	E-mail List
QA Contact:	Security Team bot

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2013-11-05 13:10 UTC by Victor Pereira
Modified:	2015-02-19 10:16 UTC (History)
CC List:	3 users (show)

See Also:
Found By:	---
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Victor Pereira 2013-11-05 13:10:05 UTC

CVE-2013-4512

drivers/staging/ozwpan/ozcdev.c: buffer overflow in write syscall
handler 
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c2c65cd2e14ada6de44cb527e7f1990be

Comment 1 Victor Pereira 2013-11-05 13:34:47 UTC

CVE-2013-4513

Comment 2 Marcus Meissner 2013-11-05 15:21:21 UTC

not in SLES 11 SP3 or olders as it was added in newer kernels.

Comment 3 Swamp Workflow Management 2013-11-05 23:00:44 UTC

bugbot adjusting priority

Comment 5 Marcus Meissner 2013-11-30 11:12:57 UTC

*** Bug 852556 has been marked as a duplicate of this bug. ***

Comment 7 Borislav Petkov 2013-12-19 10:14:33 UTC

SLE12: Disabled CONFIG_USB_WPAN_HCD
SLE11-SP2: n/a
oS12.2: has it
oS12.3: applied
oS13.1: has it

Closing.

Comment 8 Swamp Workflow Management 2014-02-06 18:13:14 UTC

openSUSE-SU-2014:0204-1: An update that solves 16 vulnerabilities and has 12 fixes is now available.

Category: security (important)
Bug References: 804950,805226,808358,811746,825006,831836,838024,840226,840656,844513,848079,848255,849021,849023,849029,849034,849362,852373,852558,852559,853050,853051,853052,853053,854173,854634,854722,860993
CVE References: CVE-2013-0343,CVE-2013-1792,CVE-2013-4348,CVE-2013-4511,CVE-2013-4513,CVE-2013-4514,CVE-2013-4515,CVE-2013-4587,CVE-2013-6367,CVE-2013-6368,CVE-2013-6376,CVE-2013-6378,CVE-2013-6380,CVE-2013-6431,CVE-2013-7027,CVE-2014-0038
Sources used:
openSUSE 12.3 (src):    kernel-docs-3.7.10-1.28.2, kernel-source-3.7.10-1.28.1, kernel-syms-3.7.10-1.28.1