{
  "threat_severity" : "Important",
  "public_date" : "2013-04-09T00:00:00Z",
  "bugzilla" : {
    "description" : "kernel: integer overflow in fb_mmap",
    "id" : "1034490",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1034490"
  },
  "cvss" : {
    "cvss_base_score" : "6.0",
    "cvss_scoring_vector" : "AV:L/AC:H/Au:S/C:C/I:C/A:C",
    "status" : "verified"
  },
  "cwe" : "CWE-190",
  "details" : [ "Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted /dev/graphics/fb0 mmap2 system calls, as demonstrated by the Motochopper pwn program.", "An integer overflow flaw was found in the way the Linux kernel's Frame Buffer device implementation mapped kernel memory to user space via the mmap syscall. A local user able to access a frame buffer device file (/dev/fb*) could possibly use this flaw to escalate their privileges on the system." ],
  "statement" : "This issue does not affect the version of the kernel package as shipped with Red Hat Enterprise MRG 2.\nThis issue affects the versions of the Linux kernel as shipped with Red Hat Enterprise Linux 5. Future kernel updates for Red Hat Enterprise Linux 5 may address this issue.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "release_date" : "2016-03-15T00:00:00Z",
    "advisory" : "RHSA-2016:0450",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5",
    "package" : "kernel-0:2.6.18-409.el5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "release_date" : "2014-10-13T00:00:00Z",
    "advisory" : "RHSA-2014:1392",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6",
    "package" : "kernel-0:2.6.32-504.el6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6.2 Advanced Update Support",
    "release_date" : "2015-03-17T00:00:00Z",
    "advisory" : "RHSA-2015:0695",
    "cpe" : "cpe:/o:redhat:rhel_mission_critical:6.2",
    "package" : "kernel-0:2.6.32-220.60.2.el6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6.4 Advanced Update Support",
    "release_date" : "2015-04-14T00:00:00Z",
    "advisory" : "RHSA-2015:0803",
    "cpe" : "cpe:/o:redhat:rhel_aus:6.4",
    "package" : "kernel-0:2.6.32-358.59.1.el6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6.5 Extended Update Support",
    "release_date" : "2015-04-07T00:00:00Z",
    "advisory" : "RHSA-2015:0782",
    "cpe" : "cpe:/o:redhat:rhel_eus:6.5",
    "package" : "kernel-0:2.6.32-431.53.2.el6"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "kernel",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise MRG 2",
    "fix_state" : "Not affected",
    "package_name" : "realtime-kernel",
    "cpe" : "cpe:/a:redhat:enterprise_mrg:2"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2013-2596\nhttps://nvd.nist.gov/vuln/detail/CVE-2013-2596\nhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog" ],
  "name" : "CVE-2013-2596",
  "csaw" : false
}