Integer Overflow in Linux Kernel Affects Android Products from Motorola
CVE-2013-2596
Key Information:
- Vendor
Linux
- Status
- Vendor
- CVE Published:
- 13 April 2013
Badges
What is CVE-2013-2596?
An integer overflow vulnerability exists in the fb_mmap function within the Linux kernel before version 3.8.9. This flaw specifically impacts certain builds of Android 4.1.2 produced by Motorola. It enables local users to exploit crafted mmap2 system calls on /dev/graphics/fb0 to create a read-write memory mapping for the entire kernel memory space. As a result, this may allow unauthorized privilege escalation, potentially leading to full access to sensitive kernel memory and system resources.
CISA has reported CVE-2013-2596
CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2013-2596 as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace
The CISA's recommendation is: Apply updates per vendor instructions.
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.