CVE-2013-2147


Severity : Low
Published : 2013-06-07
Modified : 2014-01-30
Base Score : 2.1
Details : The HP Smart Array controller disk-array driver and Compaq SMART2 controller disk-array driver in the Linux kernel through 3.9.4 do not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory via (1) a crafted IDAGETPCIINFO command for a /dev/ida device, related to the ida_locked_ioctl function in drivers/block/cpqarray.c or (2) a crafted CCISS_PASSTHRU32 command for a /dev/cciss device, related to the cciss_ioctl32_passthru function in drivers/block/cciss.c.
Product/Version : CGE 5.x  
Mobilinux 5.x  
 
 
 


CVE Vulnerabilities List CVE-2013