Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2013-2596

Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted /dev/graphics/fb0 mmap2 system calls, as demonstrated by the Motochopper pwn program.

See the

CVE page on Mitre.org for more details.

References

MISC: http://www.droid-life....
MISC: http://www.droidrzr.co...
MISC: http://forum.xda-devel...
CONFIRM: http://git.kernel.org/...
CONFIRM: http://git.kernel.org/...
CONFIRM: http://www.kernel.org/...
CONFIRM: https://github.com/tor...
CONFIRM: https://github.com/tor...
MANDRIVA: MDVSA-2013:176
REDHAT: RHSA-2015:0695
REDHAT: RHSA-2015:0782
REDHAT: RHSA-2015:0803
CONFIRM: http://www.oracle.com/...
BID: 59264
MLIST: [linux-kernel] 2013041...
CONFIRM: http://kb.juniper.net/...

Launchpad.net

CVE 2013-2596

Related bugs

References