{ "threat_severity" : "Low", "public_date" : "2013-04-07T00:00:00Z", "bugzilla" : { "description" : "Kernel: Bluetooth: RFCOMM - missing msg_namelen update in rfcomm_sock_recvmsg", "id" : "955649", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=955649" }, "cvss" : { "cvss_base_score" : "1.9", "cvss_scoring_vector" : "AV:L/AC:M/Au:N/C:P/I:N/A:N", "status" : "verified" }, "details" : [ "The rfcomm_sock_recvmsg function in net/bluetooth/rfcomm/sock.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call." ], "statement" : "This issue does not affect the version of the kernel package as shipped with\nRed Hat Enterprise Linux 5.\nThis issue affects the versions of Linux kernel as shipped with\nRed Hat Enterprise Linux 6 and Red Hat Enterprise MRG 2. Future kernel updates\nfor Red Hat Enterprise Linux 6 and Red Hat Enterprise MRG 2 may address this\nissue.", "affected_release" : [ { "product_name" : "OpenStack 3 for RHEL 6", "release_date" : "2013-07-16T00:00:00Z", "advisory" : "RHSA-2013:1080", "cpe" : "cpe:/a:redhat:openstack:3::el6", "package" : "kernel-0:2.6.32-358.114.1.openstack.el6" }, { "product_name" : "Red Hat Enterprise Linux 6", "release_date" : "2013-07-16T00:00:00Z", "advisory" : "RHSA-2013:1051", "cpe" : "cpe:/o:redhat:enterprise_linux:6", "package" : "kernel-0:2.6.32-358.14.1.el6" }, { "product_name" : "Red Hat Enterprise MRG 2", "release_date" : "2013-05-20T00:00:00Z", "advisory" : "RHSA-2013:0829", "cpe" : "cpe:/a:redhat:enterprise_mrg:2:server:el6", "package" : "kernel-rt-0:3.6.11.2-rt33.39.el6rt" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 5", "fix_state" : "Not affected", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:5" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2013-3225\nhttps://nvd.nist.gov/vuln/detail/CVE-2013-3225" ], "name" : "CVE-2013-3225", "csaw" : false }