CVE-2013-2596
Linux Kernel Integer Overflow Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
4Exploited in Wild
YesDecision
Descriptions
Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted /dev/graphics/fb0 mmap2 system calls, as demonstrated by the Motochopper pwn program.
Una determinada version de Android v4.1.2 en dispositivos Motorola Razr HD, Razr M, y Atrix HD con el chipset Qualcomm MSM8960 permite a atacantes físicamente próximos obtener acceso de root entrando en el modo de depuración USB, usando Android Debug Bridge (ADB) para establecer una conexión USB, y cargar y ejecutar el programa pwn Motochopper.
An integer overflow flaw was found in the way the Linux kernel's Frame Buffer device implementation mapped kernel memory to user space via the mmap syscall. A local user able to access a frame buffer device file (/dev/fb*) could possibly use this flaw to escalate their privileges on the system.
Linux kernel fb_mmap function in drivers/video/fbmem.c contains an integer overflow vulnerability that allows for privilege escalation.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2013-03-15 CVE Reserved
- 2013-04-13 CVE Published
- 2022-09-15 Exploited in Wild
- 2022-10-06 KEV Due Date
- 2024-06-29 EPSS Updated
- 2024-08-06 CVE Updated
- 2024-08-06 First Exploit
CWE
- CWE-190: Integer Overflow or Wraparound
CAPEC
References (18)
URL | Date | SRC |
---|---|---|
http://rhn.redhat.com/errata/RHSA-2015-0695.html | 2024-06-28 | |
http://rhn.redhat.com/errata/RHSA-2015-0782.html | 2024-06-28 | |
http://rhn.redhat.com/errata/RHSA-2015-0803.html | 2024-06-28 | |
http://www.mandriva.com/security/advisories?name=MDVSA-2013:176 | 2024-06-28 | |
https://access.redhat.com/security/cve/CVE-2013-2596 | 2016-03-15 | |
https://bugzilla.redhat.com/show_bug.cgi?id=1034490 | 2016-03-15 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.12 < 3.0.75 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.12 < 3.0.75" | - |
Affected
| in | Motorola Search vendor "Motorola" | Atrix Hd Search vendor "Motorola" for product "Atrix Hd" | - | - |
Safe
|
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.12 < 3.0.75 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.12 < 3.0.75" | - |
Affected
| in | Motorola Search vendor "Motorola" | Razr Hd Search vendor "Motorola" for product "Razr Hd" | - | - |
Safe
|
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.12 < 3.0.75 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.12 < 3.0.75" | - |
Affected
| in | Motorola Search vendor "Motorola" | Razr M Search vendor "Motorola" for product "Razr M" | - | - |
Safe
|
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 2.6.12 < 3.0.75 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.12 < 3.0.75" | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Msm8960 Search vendor "Qualcomm" for product "Msm8960" | - | - |
Safe
|
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.1 < 3.2.45 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.1 < 3.2.45" | - |
Affected
| in | Motorola Search vendor "Motorola" | Atrix Hd Search vendor "Motorola" for product "Atrix Hd" | - | - |
Safe
|
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.1 < 3.2.45 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.1 < 3.2.45" | - |
Affected
| in | Motorola Search vendor "Motorola" | Razr Hd Search vendor "Motorola" for product "Razr Hd" | - | - |
Safe
|
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.1 < 3.2.45 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.1 < 3.2.45" | - |
Affected
| in | Motorola Search vendor "Motorola" | Razr M Search vendor "Motorola" for product "Razr M" | - | - |
Safe
|
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.1 < 3.2.45 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.1 < 3.2.45" | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Msm8960 Search vendor "Qualcomm" for product "Msm8960" | - | - |
Safe
|
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.3 < 3.4.42 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.3 < 3.4.42" | - |
Affected
| in | Motorola Search vendor "Motorola" | Atrix Hd Search vendor "Motorola" for product "Atrix Hd" | - | - |
Safe
|
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.3 < 3.4.42 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.3 < 3.4.42" | - |
Affected
| in | Motorola Search vendor "Motorola" | Razr Hd Search vendor "Motorola" for product "Razr Hd" | - | - |
Safe
|
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.3 < 3.4.42 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.3 < 3.4.42" | - |
Affected
| in | Motorola Search vendor "Motorola" | Razr M Search vendor "Motorola" for product "Razr M" | - | - |
Safe
|
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.3 < 3.4.42 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.3 < 3.4.42" | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Msm8960 Search vendor "Qualcomm" for product "Msm8960" | - | - |
Safe
|
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.5 < 3.8.9 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.5 < 3.8.9" | - |
Affected
| in | Motorola Search vendor "Motorola" | Atrix Hd Search vendor "Motorola" for product "Atrix Hd" | - | - |
Safe
|
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.5 < 3.8.9 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.5 < 3.8.9" | - |
Affected
| in | Motorola Search vendor "Motorola" | Razr Hd Search vendor "Motorola" for product "Razr Hd" | - | - |
Safe
|
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.5 < 3.8.9 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.5 < 3.8.9" | - |
Affected
| in | Motorola Search vendor "Motorola" | Razr M Search vendor "Motorola" for product "Razr M" | - | - |
Safe
|
Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.5 < 3.8.9 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.5 < 3.8.9" | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Msm8960 Search vendor "Qualcomm" for product "Msm8960" | - | - |
Safe
|
Motorola Search vendor "Motorola" | Android Search vendor "Motorola" for product "Android" | 4.1.2 Search vendor "Motorola" for product "Android" and version "4.1.2" | - |
Affected
| in | Motorola Search vendor "Motorola" | Atrix Hd Search vendor "Motorola" for product "Atrix Hd" | - | - |
Safe
|
Motorola Search vendor "Motorola" | Android Search vendor "Motorola" for product "Android" | 4.1.2 Search vendor "Motorola" for product "Android" and version "4.1.2" | - |
Affected
| in | Motorola Search vendor "Motorola" | Razr Hd Search vendor "Motorola" for product "Razr Hd" | - | - |
Safe
|
Motorola Search vendor "Motorola" | Android Search vendor "Motorola" for product "Android" | 4.1.2 Search vendor "Motorola" for product "Android" and version "4.1.2" | - |
Affected
| in | Motorola Search vendor "Motorola" | Razr M Search vendor "Motorola" for product "Razr M" | - | - |
Safe
|
Motorola Search vendor "Motorola" | Android Search vendor "Motorola" for product "Android" | 4.1.2 Search vendor "Motorola" for product "Android" and version "4.1.2" | - |
Affected
| in | Qualcomm Search vendor "Qualcomm" | Msm8960 Search vendor "Qualcomm" for product "Msm8960" | - | - |
Safe
|