CVE-2013-2596
HIGH severity · CVSS 7.8 · Integer overflow · actively exploited (CISA KEV)
7.8CVSS HIGH exploited
Actively exploited in the wild (CISA Known Exploited Vulnerabilities).
Added to KEV 2022-09-15. US federal agencies must patch by 2022-10-06.
Summary
Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted /dev/graphics/fb0 mmap2 system calls, as demonstrated by the Motochopper pwn program.
Impact & exploitability
Attack vectorLocal
Attack complexityLow
Privileges requiredLow
User interactionNone
Confidentiality impactHigh
Integrity impactHigh
Availability impactHigh
Exploit probability (EPSS)3%
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products we track (1)
Recommendation
This vulnerability is being actively exploited in the wild — patch affected products urgently. Open any affected product above for its exact safe version.
Official patch: http://marc.info/?l=linux-kernel&m=136616837923938&w=2 ↗
Additional information
- NVD record
- http://marc.info/?l=linux-kernel&m=136616837923938&w=2Patch
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b4cbb197c7e7a68dbad0d491242e3ca67420c13e
- http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fc9bbca8f650e5f738af8806317c0a041a48ae4a
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761Advisory
- http://rhn.redhat.com/errata/RHSA-2015-0695.htmlAdvisory
- http://rhn.redhat.com/errata/RHSA-2015-0782.htmlAdvisory
- http://rhn.redhat.com/errata/RHSA-2015-0803.htmlAdvisory
- http://forum.xda-developers.com/showthread.php?t=2255491Exploit