CVE-2013-2596

Updated: 2020-05-27

CWE: Numeric Errors

Description:

Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted /dev/graphics/fb0 mmap2 system calls, as demonstrated by the Motochopper pwn program.

CVSS3: 7.8


Vendor State

OS Vendor version Errata
RHEL 6 2.6.32-504.el6 RHSA-2014:1392
CentOS 6 2.6.32-504.el6 CESA-2014:1392
CentOS 6 plus 2.6.32-504.el6.centos.plus CESA-2014:1392
Oracle Linux 6 2.6.32-504.el6 ELSA-2014-1392
Scientific 6 2.6.32-504.el6 CESA-2014:1392

KernelCare State

OS Original kernel version State
RHEL 6
2.6.32-279.11.1.el6 show all hide all
2.6.32-279.14.1.el6 2.6.32-279.19.1.el6 2.6.32-279.2.1.el6 2.6.32-279.22.1.el6 2.6.32-279.5.1.el6 2.6.32-279.5.2.el6 2.6.32-279.9.1.el6 2.6.32-358.0.1.el6 2.6.32-358.11.1.el6 2.6.32-358.14.1.el6 2.6.32-358.18.1.el6 2.6.32-358.2.1.el6 2.6.32-358.23.2.el6 2.6.32-358.6.1.el6 2.6.32-358.6.2.el6 2.6.32-358.el6 2.6.32-431.1.2.el6 2.6.32-431.11.2.el6 2.6.32-431.17.1.el6 2.6.32-431.20.3.el6 2.6.32-431.20.5.el6 2.6.32-431.23.3.el6 2.6.32-431.29.2.el6 2.6.32-431.3.1.el6 2.6.32-431.5.1.el6 2.6.32-431.el6
Released
CentOS 6
2.6.32-279.14.1.el6 show all hide all
2.6.32-358.2.1.el6 2.6.32-358.23.2.el6 2.6.32-358.0.1.el6 2.6.32-431.11.2.el6 2.6.32-431.el6 2.6.32-358.6.2.el6 2.6.32-358.6.1.el6 2.6.32-358.14.1.el6 2.6.32-279.9.1.el6 2.6.32-279.11.1.el6 2.6.32-358.11.1.el6 2.6.32-431.23.3.el6 2.6.32-431.5.1.el6 2.6.32-431.20.5.el6 2.6.32-279.22.1.el6 2.6.32-431.20.3.el6 2.6.32-358.el6 2.6.32-279.2.1.el6 2.6.32-279.5.1.el6 2.6.32-279.5.2.el6 2.6.32-431.1.2.0.1.el6 2.6.32-431.3.1.el6 2.6.32-431.17.1.el6 2.6.32-358.18.1.el6 2.6.32-279.19.1.el6 2.6.32-431.29.2.el6
Released
CentOS 6 plus
2.6.32-431.1.2.el6.centos.plus show all hide all
2.6.32-431.5.1.el6.centos.plus 2.6.32-358.0.1.el6.centos.plus 2.6.32-431.20.3.el6.centos.plus 2.6.32-279.19.1.el6.centos.plus 2.6.32-431.17.1.el6.centos.plus 2.6.32-431.11.2.el6.centos.plus 2.6.32-358.6.1.el6.centos.plus 2.6.32-358.14.1.el6.centos.plus 2.6.32-431.el6.centos.plus 2.6.32-431.20.5.el6.centos.plus 2.6.32-279.9.1.el6.centos.plus 2.6.32-358.23.2.el6.centos.plus 2.6.32-279.11.1.el6.centos.plus 2.6.32-431.29.2.el6.centos.plus 2.6.32-279.22.1.el6.centos.plus 2.6.32-358.2.1.el6.centos.plus 2.6.32-431.23.3.el6.centos.plus 2.6.32-279.2.1.el6.centos.plus 2.6.32-279.5.1.el6.centos.plus 2.6.32-279.5.2.el6.centos.plus 2.6.32-431.20.3.0.1.el6.centos.plus 2.6.32-431.3.1.el6.centos.plus 2.6.32-358.6.2.el6.centos.plus 2.6.32-358.11.1.el6.centos.plus 2.6.32-358.el6.centos.plus 2.6.32-279.14.1.el6.centos.plus 2.6.32-358.18.1.el6.centos.plus
Released
Oracle Linux 6
2.6.32-358.14.1.el6 show all hide all
2.6.32-358.11.1.el6 2.6.32-358.0.1.el6 2.6.32-431.20.5.el6 2.6.32-431.29.2.el6 2.6.32-431.1.2.el6 2.6.32-431.el6 2.6.32-358.6.2.el6 2.6.32-358.2.1.el6 2.6.32-279.19.1.el6 2.6.32-358.6.1.el6 2.6.32-279.11.1.el6 2.6.32-431.17.1.el6 2.6.32-431.23.3.el6 2.6.32-431.11.2.el6 2.6.32-279.2.1.el6 2.6.32-279.5.1.el6 2.6.32-279.5.2.el6 2.6.32-431.3.1.el6 2.6.32-358.23.2.el6 2.6.32-279.9.1.el6 2.6.32-279.22.1.el6 2.6.32-358.el6 2.6.32-431.20.3.el6 2.6.32-358.18.1.el6 2.6.32-431.5.1.el6 2.6.32-279.14.1.el6
Released
CloudLinux OS 6
2.6.32-379.22.1.lve1.2.17.1.el6 show all hide all
2.6.32-379.22.1.lve1.2.17.el6 2.6.32-458.18.1.lve1.2.39.el6 2.6.32-458.23.2.lve1.2.45.el6 2.6.32-458.23.2.lve1.2.48.el6 2.6.32-458.23.2.lve1.2.52.el6 2.6.32-458.6.2.lve1.2.26.1.el6 2.6.32-458.6.2.lve1.2.28.el6 2.6.32-458.6.2.lve1.2.30.el6 2.6.32-531.1.2.lve1.2.54.el6 2.6.32-531.11.2.lve1.2.55.el6 2.6.32-531.17.1.lve1.2.56.el6 2.6.32-531.17.1.lve1.2.57.el6 2.6.32-531.17.1.lve1.2.58.el6 2.6.32-531.17.1.lve1.2.60.el6 2.6.32-531.23.3.lve1.2.65.el6 2.6.32-531.23.3.lve1.2.66.el6 2.6.32-531.23.3.lve1.3.6.el6 2.6.32-531.29.2.lve1.3.11.1.el6 2.6.32-531.29.2.lve1.3.11.10.el6
Released
OpenVZ 6
2.6.32-042stab076.7 show all hide all
2.6.32-042stab076.8 2.6.32-042stab078.22 2.6.32-042stab078.26 2.6.32-042stab078.27 2.6.32-042stab078.28 2.6.32-042stab079.4 2.6.32-042stab079.5 2.6.32-042stab079.6 2.6.32-042stab081.3 2.6.32-042stab081.5 2.6.32-042stab081.8 2.6.32-042stab083.2 2.6.32-042stab084.12 2.6.32-042stab084.14 2.6.32-042stab084.17 2.6.32-042stab084.20 2.6.32-042stab084.21 2.6.32-042stab084.25 2.6.32-042stab084.26 2.6.32-042stab085.17 2.6.32-042stab085.20 2.6.32-042stab088.4 2.6.32-042stab090.2 2.6.32-042stab090.3 2.6.32-042stab090.4 2.6.32-042stab090.5 2.6.32-042stab092.1 2.6.32-042stab092.2 2.6.32-042stab092.3 2.6.32-042stab093.4 2.6.32-042stab093.5 2.6.32-042stab094.7 2.6.32-042stab094.8
Released
Scientific 6
2.6.32-358.2.1.el6 show all hide all
2.6.32-431.20.3.el6 2.6.32-358.23.2.el6 2.6.32-358.18.1.el6 2.6.32-431.1.2.el6 2.6.32-431.20.5.el6 2.6.32-431.11.2.el6 2.6.32-279.14.1.el6 2.6.32-431.el6 2.6.32-431.29.2.el6 2.6.32-279.2.1.el6 2.6.32-279.5.1.el6 2.6.32-279.5.2.el6 2.6.32-431.3.1.el6 2.6.32-279.22.1.el6 2.6.32-358.11.1.el6 2.6.32-358.6.2.el6 2.6.32-279.19.1.el6 2.6.32-431.23.3.el6 2.6.32-431.5.1.el6 2.6.32-279.9.1.el6 2.6.32-431.17.1.el6 2.6.32-358.14.1.el6 2.6.32-279.11.1.el6 2.6.32-358.el6 2.6.32-358.0.1.el6 2.6.32-358.6.1.el6
Released
OEL 6 Dell
Ready For Release
Debian 10 cloud
Will Not Fix
Debian 9 backports
Will Not Fix