Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2013-2596

Опубликовано: 13 апр. 2013
Источник: nvd
CVSS3: 7.8
CVSS2: 6.9
EPSS Низкий

Описание

Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted /dev/graphics/fb0 mmap2 system calls, as demonstrated by the Motochopper pwn program.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

Одно из

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 2.6.12 (включая) до 3.0.75 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 3.1 (включая) до 3.2.45 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 3.3 (включая) до 3.4.42 (исключая)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Версия от 3.5 (включая) до 3.8.9 (исключая)
cpe:2.3:o:motorola:android:4.1.2:*:*:*:*:*:*:*

Одно из

cpe:2.3:h:motorola:atrix_hd:-:*:*:*:*:*:*:*
cpe:2.3:h:motorola:razr_hd:-:*:*:*:*:*:*:*
cpe:2.3:h:motorola:razr_m:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:msm8960:-:*:*:*:*:*:*:*

EPSS

Процентиль: 68%
0.00589
Низкий

7.8 High

CVSS3

6.9 Medium

CVSS2

Дефекты

CWE-190
CWE-190

Связанные уязвимости

ubuntu логотип

CVE-2013-2596

CVSS3: 7.8
ubuntu
около 12 лет назад

Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted /dev/graphics/fb0 mmap2 system calls, as demonstrated by the Motochopper pwn program.

redhat логотип

CVE-2013-2596

redhat
около 12 лет назад

Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted /dev/graphics/fb0 mmap2 system calls, as demonstrated by the Motochopper pwn program.

debian логотип

CVE-2013-2596

CVSS3: 7.8
debian
около 12 лет назад

Integer overflow in the fb_mmap function in drivers/video/fbmem.c in t ...

github логотип

GHSA-xg37-4cgv-wc3c

CVSS3: 7.8
github
около 3 лет назад

Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted /dev/graphics/fb0 mmap2 system calls, as demonstrated by the Motochopper pwn program.

oracle-oval логотип

ELSA-2016-0450

oracle-oval
больше 9 лет назад

ELSA-2016-0450: kernel security update (IMPORTANT)

EPSS

Процентиль: 68%
0.00589
Низкий

7.8 High

CVSS3

6.9 Medium

CVSS2

Дефекты

CWE-190
CWE-190
Уязвимость CVE-2013-2596