CVE-2013-6282 in Kernelinfo

Summary

The (1) get_user and (2) put_user API functions in the Linux kernel before 3.5.5 on the v6k and v7 ARM platforms do not validate certain addresses, which allows attackers to read or modify the contents of arbitrary kernel memory locations via a crafted application, as exploited in the wild against Android devices in October and November 2013.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Reservation

10/25/2013

Disclosure

11/20/2013

Status

Confirmed

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
11226	Linux Kernel API Function put_user input validation	20	Attacked	Official fix	CVE-2013-6282

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

Sources

MITRE
NVD
CVE Details

◂ PreviousOverviewNext ▸

Might our Artificial Intelligence support you?

Check our Alexa App!