Back to search
CVE-2013-2596
Published: Apr 13, 2013
Modified: Oct 22, 2025
PUBLISHED
Description
Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted /dev/graphics/fb0 mmap2 system calls, as demonstrated by the Motochopper pwn program.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
RHSA-2015:0695
vendor-advisory
x_refsource_REDHAT
59264
vdb-entry
x_refsource_BID
MDVSA-2013:176
vendor-advisory
x_refsource_MANDRIVA
[linux-kernel] 20130417 Device driver memory 'mmap()' function helper cleanup
mailing-list
x_refsource_MLIST
RHSA-2015:0803
vendor-advisory
x_refsource_REDHAT
http://forum.xda-developers.com/showthread.php?t=2255491
x_refsource_MISC
http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.9
x_refsource_CONFIRM
RHSA-2015:0782
vendor-advisory
x_refsource_REDHAT
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now