Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2013-6282
HistoryNov 20, 2013 - 1:19 p.m.

CVE-2013-6282

2013-11-2013:19:43
CWE-20
[email protected]
web.nvd.nist.gov
9

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

8.8

Confidence

High

EPSS

0.024

Percentile

89.9%

JSON

The (1) get_user and (2) put_user API functions in the Linux kernel before 3.5.5 on the v6k and v7 ARM platforms do not validate certain addresses, which allows attackers to read or modify the contents of arbitrary kernel memory locations via a crafted application, as exploited in the wild against Android devices in October and November 2013.

Affected configurations

Nvd
Node
linuxlinux_kernelRange<3.2.54
OR
linuxlinux_kernelRange3.33.4.12
OR
linuxlinux_kernelRange3.53.5.5

Related

android 1
seebug 1
debiancve 1
prion 1
zdt 1
exploitpack 1
ubuntucve 1
cisa_kev 1
redhatcve 1
attackerkb 1
cvelist 1
packetstorm 1
metasploit 1
cve 1
exploitdb 2
thn 3
securelist 1
openvas 4
ubuntu 1
nessus 2
android
android
Qualcomm missing checks put_user get_user
2013-09-06 00:00:00
seebug
seebug
Linux ARM - Local Root Exploit
2014-07-01 00:00:00
debiancve
debiancve
CVE-2013-6282
2013-11-20 13:19:43
prion
prion
Memory corruption
2013-11-20 13:19:00
zdt
zdt
Android get_user/put_user Exploit
2016-12-26 00:00:00
exploitpack
exploitpack
Linux Kernel 3.4.5 (Android 4.2.24.4 ARM) - Local Privilege Escalation
2014-02-11 00:00:00
ubuntucve
ubuntucve
CVE-2013-6282
2013-11-20 00:00:00
cisa_kev
cisa_kev
Linux Kernel Improper Input Validation Vulnerability
2022-09-15 00:00:00
redhatcve
redhatcve
CVE-2013-6282
2015-10-30 10:07:20
attackerkb
attackerkb
CVE-2013-6282
2013-11-20 00:00:00
cvelist
cvelist
CVE-2013-6282
2013-11-19 15:00:00
packetstorm
packetstorm
Android get_user/put_user Exploit
2016-12-26 00:00:00
metasploit
metasploit
Android get_user/put_user Exploit
2016-12-13 09:02:23
cve
cve
CVE-2013-6282
2013-11-20 13:19:43
exploitdb
exploitdb
Linux Kernel &lt; 3.4.5 (Android 4.2.2/4.4 ARM) - Local Privilege Escalation
2014-02-11 00:00:00
Google Android - get_user/put_user (Metasploit)
2016-12-29 00:00:00
thn
thn
Over 1 Million Google Accounts Hacked by 'Gooligan' Android Malware
2016-11-30 05:44:00
CopyCat Android Rooting Malware Infected 14 Million Devices
2017-07-06 05:17:00
Google Detects Android Spyware That Spies On WhatsApp, Skype Calls
2017-11-27 22:29:00
securelist
securelist
Skygofree: Following in the footsteps of HackingTeam
2018-01-16 10:00:58
openvas
openvas
Ubuntu Update for linux-ti-omap4 USN-2067-1
2014-01-06 00:00:00
Ubuntu: Security Advisory (USN-2067-1)
2014-01-06 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1635)
2020-01-23 00:00:00
ubuntu
ubuntu
Linux kernel (OMAP4) vulnerabilities
2014-01-03 00:00:00
nessus
nessus
EulerOS Virtualization for ARM 64 3.0.2.0 : kernel (EulerOS-SA-2019-1635)
2019-05-30 00:00:00
EulerOS 2.0 SP8 : kernel (EulerOS-SA-2020-1186)
2020-03-11 00:00:00

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

AI Score

8.8

Confidence

High

EPSS

0.024

Percentile

89.9%

JSON
Related for NVD:CVE-2013-6282
android1seebug1debiancve1prion1zdt1exploitpack1ubuntucve1cisa_kev1redhatcve1attackerkb1cvelist1packetstorm1metasploit1cve1exploitdb2thn3securelist1openvas4ubuntu1nessus2