CVE-2013-2596
CVSS v3.1
7.8 (High)
CVSS v2.0
6.9 (Medium)
EPSS
0.09 % (41th)
Affected Products
6
Advisories
6
NVD Status
Analyzed
Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted /dev/graphics/fb0 mmap2 system calls, as demonstrated by the Motochopper pwn program.
- CVE Status
- PUBLISHED
- NVD Status
- Analyzed
- CNA
- MITRE
- Published Date
-
2013-04-13 02:59:46
(11 years ago) - Updated Date
-
2024-06-28 14:01:45
(2 months ago)
Linux Kernel Integer Overflow Vulnerability (CISA - Known Exploited Vulnerabilities Catalog)
- Description
- Linux kernel fb_mmap function in drivers/video/fbmem.c contains an integer overflow vulnerability that allows for privilege escalation.
- Required Action
- Apply updates per vendor instructions.
- Known to be Used in Ransomware Campaigns
- Unknown
- Notes
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fc9bbca8f650e5f738af8806317c0a041a48ae4a; https://nvd.nist.gov/vuln/detail/CVE-2013-2596
- Vendor
- Linux
- Product
- Kernel
- In CISA Catalog from
-
2022-09-15
(2 years ago) - Due Date
-
2022-10-06
(23 months ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
AND |
|
---|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...