{
  "threat_severity" : "Important",
  "public_date" : "2012-12-09T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: VFAT slab-based buffer overflow",
    "id" : "916115",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=916115"
  },
  "cvss" : {
    "cvss_base_score" : "6.2",
    "cvss_scoring_vector" : "AV:L/AC:H/Au:N/C:C/I:C/A:C",
    "status" : "verified"
  },
  "details" : [ "Buffer overflow in the VFAT filesystem implementation in the Linux kernel before 3.3 allows local users to gain privileges or cause a denial of service (system crash) via a VFAT write operation on a filesystem with the utf8 mount option, which is not properly handled during UTF-8 to UTF-16 conversion." ],
  "statement" : "This issue does not affect the version of Linux kernel as shipped with Red Hat Enterprise Linux 5.\nThis issue did affect the version of Linux kernel as shipped with Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG 2.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "release_date" : "2013-04-23T00:00:00Z",
    "advisory" : "RHSA-2013:0744",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6",
    "package" : "kernel-0:2.6.32-358.6.1.el6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6.2 EUS - Server and Compute Node Only",
    "release_date" : "2013-07-09T00:00:00Z",
    "advisory" : "RHSA-2013:1026",
    "cpe" : "cpe:/o:redhat:rhel_eus:6.2",
    "package" : "kernel-0:2.6.32-220.39.1.el6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6.3 EUS - Server and Compute Node Only",
    "release_date" : "2013-06-11T00:00:00Z",
    "advisory" : "RHSA-2013:0928",
    "cpe" : "cpe:/o:redhat:rhel_eus:6.3",
    "package" : "kernel-0:2.6.32-279.31.1.el6"
  }, {
    "product_name" : "Red Hat Enterprise MRG 2",
    "release_date" : "2013-03-06T00:00:00Z",
    "advisory" : "RHSA-2013:0566",
    "cpe" : "cpe:/a:redhat:enterprise_mrg:2:server:el6",
    "package" : "kernel-rt-0:3.6.11-rt28.20.el6rt"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2013-1773\nhttps://nvd.nist.gov/vuln/detail/CVE-2013-1773" ],
  "name" : "CVE-2013-1773",
  "csaw" : false
}