Privilege Escalation via SCTP_GET_ASSOC_STATS getsockopt System Call in Linux Kernel

Privilege Escalation via SCTP_GET_ASSOC_STATS getsockopt System Call in Linux Kernel

CVE-2013-1828 · MEDIUM Severity

AV:L/AC:M/AU:N/C:C/I:C/A:C

The sctp_getsockopt_assoc_stats function in net/sctp/socket.c in the Linux kernel before 3.8.4 does not validate a size value before proceeding to a copy_from_user operation, which allows local users to gain privileges via a crafted application that contains an SCTP_GET_ASSOC_STATS getsockopt system call.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.