PT-2013-5051 · Linux+2 · Linux Kernel+2

Fabian Yamaguchi

Publicado

2013-11-07

Atualizado

2023-12-15

CVE-2013-4511

CVSS v2.0

6.9

Média

Vetor

AV:L/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 3.12

Description The issue is related to multiple integer overflows in Alchemy LCD frame-buffer drivers. Local users can create a read-write memory mapping for the entirety of kernel memory and gain privileges via crafted mmap operations. This is related to the au1100fb fb mmap function in drivers/video/au1100fb.c and the au1200fb fb mmap function in drivers/video/au1200fb.c.

Recommendations For Linux kernel versions prior to 3.12, update to version 3.12 or later to resolve the issue. As a temporary workaround, consider restricting access to the au1100fb fb mmap and au1200fb fb mmap functions until a patch is available.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-189

Identificadores relacionados

ALT-PU-2013-1060

ALT-PU-2013-1061

ALT-PU-2013-1133

ALT-PU-2014-1422

CVE-2013-4511

DSA-2906-1

OPENSUSE-SU-2014_0204-1

OPENSUSE-SU-2014_0205-1

SUSE-RU-2015:0621-1

SUSE-SU-2015:0481-1

SUSE-SU-2015:0581-1

SUSE-SU-2015:0652-1

SUSE-SU-2015:0736-1

SUSE-SU-2015:1174-1

SUSE-SU-2015:1376-1

USN-2036-1

USN-2037-1

USN-2066-1

USN-2067-1

USN-2068-1

USN-2069-1

USN-2070-1

USN-2071-1

USN-2072-1

USN-2073-1

USN-2074-1

USN-2075-1

USN-2076-1

Produtos afetados

Alt Linux

Linux Kernel

Suse

PT-2013-5051 · Linux+2 · Linux Kernel+2

CVE-2013-4511

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 264