CVE-2013-6282
Linux Kernel Improper Input Validation Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
7Exploited in Wild
YesDecision
Descriptions
The (1) get_user and (2) put_user API functions in the Linux kernel before 3.5.5 on the v6k and v7 ARM platforms do not validate certain addresses, which allows attackers to read or modify the contents of arbitrary kernel memory locations via a crafted application, as exploited in the wild against Android devices in October and November 2013.
Las funciones de API (1) get_user y (2) put_user en el kernel de Linux anterior a la versión 3.5.5 en las plataformas v6k y v7 ARM no validan ciertas direcciones, lo que permite a atacantes leer o modificar el contenido de localizaciones de memoria kernel arbitraria a través de una aplicación manipulada, tal y como se explotó activamente en dispositivos Android en Octubre y Noviembre 2013.
A flaw was discovered in the Linux kernel's dm snapshot facility. A remote authenticated user could exploit this flaw to obtain sensitive information or modify/corrupt data. Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP Fragmentation Offload (UFO). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or possibly gain administrative privileges. Various other issues were also addressed.
The get_user and put_user API functions of the Linux kernel fail to validate the target address when being used on ARM v6k/v7 platforms. This allows an application to read and write kernel memory which could lead to privilege escalation.
CVSS Scores
SSVC
- Decision:Act
Timeline
- 2013-10-25 CVE Reserved
- 2013-11-19 CVE Published
- 2014-02-11 First Exploit
- 2022-09-15 Exploited in Wild
- 2022-10-06 KEV Due Date
- 2025-05-01 CVE Updated
- 2025-05-17 EPSS Updated
CWE
- CWE-20: Improper Input Validation
CAPEC
References (16)
| URL | Date | SRC |
|---|---|---|
| https://packetstorm.news/files/id/140277 | 2016-12-26 | |
| https://www.exploit-db.com/exploits/31574 | 2014-02-11 | |
| https://www.exploit-db.com/exploits/40975 | 2025-05-01 | |
| https://github.com/timwr/CVE-2013-6282 | 2016-12-19 | |
| https://github.com/fi01/libput_user_exploit | 2022-10-26 | |
| https://github.com/jeboo/bypasslkm | 2023-06-22 | |
| https://github.com/torvalds/linux/commit/8404663f81d212918ff85f493649a7991209fa04 | 2025-05-01 |
| URL | Date | SRC |
|---|---|---|
| http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.5.5 | 2023-12-08 | |
| http://www.ubuntu.com/usn/USN-2067-1 | 2023-12-08 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | < 3.2.54 Search vendor "Linux" for product "Linux Kernel" and version " < 3.2.54" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.3 < 3.4.12 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.3 < 3.4.12" | - |
Affected
| ||||||
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | >= 3.5 < 3.5.5 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.5 < 3.5.5" | - |
Affected
| ||||||