Vulnerability-Lookup

CVE-2013-2596 (GCVE-0-2013-2596)

Vulnerability from cvelistv5 – Published: 2013-04-13 01:00 – Updated: 2025-10-22 00:05

CISA KEV

Summary

Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted /dev/graphics/fb0 mmap2 system calls, as demonstrated by the Motochopper pwn program.

Severity ?

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

Assigner

mitre

References

16 references

URL	Tags
http://rhn.redhat.com/errata/RHSA-2015-0695.html	vendor-advisoryx_refsource_REDHAT
http://www.securityfocus.com/bid/59264	vdb-entryx_refsource_BID
http://www.droid-life.com/2013/04/09/root-method-…	x_refsource_MISC
http://www.mandriva.com/security/advisories?name=…	vendor-advisoryx_refsource_MANDRIVA
http://marc.info/?l=linux-kernel&m=136616837923938&w=2	mailing-listx_refsource_MLIST
https://github.com/torvalds/linux/commit/b4cbb197…	x_refsource_CONFIRM
http://www.oracle.com/technetwork/topics/security…	x_refsource_CONFIRM
http://git.kernel.org/?p=linux/kernel/git/torvald…	x_refsource_CONFIRM
http://rhn.redhat.com/errata/RHSA-2015-0803.html	vendor-advisoryx_refsource_REDHAT
http://forum.xda-developers.com/showthread.php?t=…	x_refsource_MISC
http://www.droidrzr.com/index.php/topic/15208-roo…	x_refsource_MISC
http://www.kernel.org/pub/linux/kernel/v3.x/Chang…	x_refsource_CONFIRM
http://rhn.redhat.com/errata/RHSA-2015-0782.html	vendor-advisoryx_refsource_REDHAT
http://kb.juniper.net/InfoCenter/index?page=conte…	x_refsource_CONFIRM
https://github.com/torvalds/linux/commit/fc9bbca8…	x_refsource_CONFIRM
http://git.kernel.org/?p=linux/kernel/git/torvald…	x_refsource_CONFIRM

Date Public ?

2013-04-09 00:00

CISA KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

KEV entry ID: 42c4ecad-654d-4687-811c-3447ecf733e0

Vulnerability ID: CVE-2013-2596

Status: Confirmed

Status Updated: 2022-09-15 00:00 UTC

Exploited: Yes

Timestamps

First Seen: 2022-09-15

Asserted: 2022-09-15

Scope

Notes: KEV entry: Linux Kernel Integer Overflow Vulnerability | Affected: Linux / Kernel | Description: Linux kernel fb_mmap function in drivers/video/fbmem.c contains an integer overflow vulnerability that allows for privilege escalation. | Required action: Apply updates per vendor instructions. | Due date: 2022-10-06 | Known ransomware campaign use (KEV): Unknown | Notes (KEV): https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fc9bbca8f650e5f738af8806317c0a041a48ae4a; https://nvd.nist.gov/vuln/detail/CVE-2013-2596

Evidence

Type: Vendor Report

Signal: Successful Exploitation

Confidence: 80%

Source: cisa-kev

Details

Cwes	CWE-189
Feed	CISA Known Exploited Vulnerabilities Catalog
Product	Kernel
Due Date	2022-10-06
Date Added	2022-09-15
Vendorproject	Linux
Vulnerabilityname	Linux Kernel Integer Overflow Vulnerability
Knownransomwarecampaignuse	Unknown

References

CVE-2013-2596

Created: 2026-02-02 12:27 UTC | Updated: 2026-02-06 07:17 UTC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T15:44:32.640Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2015:0695",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-0695.html"
          },
          {
            "name": "59264",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/59264"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.droid-life.com/2013/04/09/root-method-released-for-droid-razr-hd-running-android-4-1-2-other-devices-too/"
          },
          {
            "name": "MDVSA-2013:176",
            "tags": [
              "vendor-advisory",
              "x_refsource_MANDRIVA",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:176"
          },
          {
            "name": "[linux-kernel] 20130417 Device driver memory \u0027mmap()\u0027 function helper cleanup",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=linux-kernel\u0026m=136616837923938\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/b4cbb197c7e7a68dbad0d491242e3ca67420c13e"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b4cbb197c7e7a68dbad0d491242e3ca67420c13e"
          },
          {
            "name": "RHSA-2015:0803",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-0803.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://forum.xda-developers.com/showthread.php?t=2255491"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.droidrzr.com/index.php/topic/15208-root-motochopper-yet-another-android-root-exploit/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.9"
          },
          {
            "name": "RHSA-2015:0782",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2015-0782.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10761"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/torvalds/linux/commit/fc9bbca8f650e5f738af8806317c0a041a48ae4a"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fc9bbca8f650e5f738af8806317c0a041a48ae4a"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2013-2596",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-01T03:55:10.585625Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2022-09-15",
                "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-2596"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-190",
                "description": "CWE-190 Integer Overflow or Wraparound",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-22T00:05:43.277Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "government-resource"
            ],
            "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-2596"
          }
        ],
        "timeline": [
          {
            "lang": "en",
            "time": "2022-09-15T00:00:00.000Z",
            "value": "CVE-2013-2596 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-04-09T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted /dev/graphics/fb0 mmap2 system calls, as demonstrated by the Motochopper pwn program."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-12-29T21:57:01.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "RHSA-2015:0695",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-0695.html"
        },
        {
          "name": "59264",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/59264"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.droid-life.com/2013/04/09/root-method-released-for-droid-razr-hd-running-android-4-1-2-other-devices-too/"
        },
        {
          "name": "MDVSA-2013:176",
          "tags": [
            "vendor-advisory",
            "x_refsource_MANDRIVA"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:176"
        },
        {
          "name": "[linux-kernel] 20130417 Device driver memory \u0027mmap()\u0027 function helper cleanup",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://marc.info/?l=linux-kernel\u0026m=136616837923938\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/b4cbb197c7e7a68dbad0d491242e3ca67420c13e"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b4cbb197c7e7a68dbad0d491242e3ca67420c13e"
        },
        {
          "name": "RHSA-2015:0803",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-0803.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://forum.xda-developers.com/showthread.php?t=2255491"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.droidrzr.com/index.php/topic/15208-root-motochopper-yet-another-android-root-exploit/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.9"
        },
        {
          "name": "RHSA-2015:0782",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2015-0782.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10761"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/torvalds/linux/commit/fc9bbca8f650e5f738af8806317c0a041a48ae4a"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fc9bbca8f650e5f738af8806317c0a041a48ae4a"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2013-2596",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted /dev/graphics/fb0 mmap2 system calls, as demonstrated by the Motochopper pwn program."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2015:0695",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-0695.html"
            },
            {
              "name": "59264",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/59264"
            },
            {
              "name": "http://www.droid-life.com/2013/04/09/root-method-released-for-droid-razr-hd-running-android-4-1-2-other-devices-too/",
              "refsource": "MISC",
              "url": "http://www.droid-life.com/2013/04/09/root-method-released-for-droid-razr-hd-running-android-4-1-2-other-devices-too/"
            },
            {
              "name": "MDVSA-2013:176",
              "refsource": "MANDRIVA",
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:176"
            },
            {
              "name": "[linux-kernel] 20130417 Device driver memory \u0027mmap()\u0027 function helper cleanup",
              "refsource": "MLIST",
              "url": "http://marc.info/?l=linux-kernel\u0026m=136616837923938\u0026w=2"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/b4cbb197c7e7a68dbad0d491242e3ca67420c13e",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/b4cbb197c7e7a68dbad0d491242e3ca67420c13e"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"
            },
            {
              "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=b4cbb197c7e7a68dbad0d491242e3ca67420c13e",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=b4cbb197c7e7a68dbad0d491242e3ca67420c13e"
            },
            {
              "name": "RHSA-2015:0803",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-0803.html"
            },
            {
              "name": "http://forum.xda-developers.com/showthread.php?t=2255491",
              "refsource": "MISC",
              "url": "http://forum.xda-developers.com/showthread.php?t=2255491"
            },
            {
              "name": "http://www.droidrzr.com/index.php/topic/15208-root-motochopper-yet-another-android-root-exploit/",
              "refsource": "MISC",
              "url": "http://www.droidrzr.com/index.php/topic/15208-root-motochopper-yet-another-android-root-exploit/"
            },
            {
              "name": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.9",
              "refsource": "CONFIRM",
              "url": "http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.9"
            },
            {
              "name": "RHSA-2015:0782",
              "refsource": "REDHAT",
              "url": "http://rhn.redhat.com/errata/RHSA-2015-0782.html"
            },
            {
              "name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10761",
              "refsource": "CONFIRM",
              "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10761"
            },
            {
              "name": "https://github.com/torvalds/linux/commit/fc9bbca8f650e5f738af8806317c0a041a48ae4a",
              "refsource": "CONFIRM",
              "url": "https://github.com/torvalds/linux/commit/fc9bbca8f650e5f738af8806317c0a041a48ae4a"
            },
            {
              "name": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=fc9bbca8f650e5f738af8806317c0a041a48ae4a",
              "refsource": "CONFIRM",
              "url": "http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=fc9bbca8f650e5f738af8806317c0a041a48ae4a"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2013-2596",
    "datePublished": "2013-04-13T01:00:00.000Z",
    "dateReserved": "2013-03-15T00:00:00.000Z",
    "dateUpdated": "2025-10-22T00:05:43.277Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2013-2596",
      "cwes": "[\"CWE-189\"]",
      "dateAdded": "2022-09-15",
      "dueDate": "2022-10-06",
      "knownRansomwareCampaignUse": "Unknown",
      "notes": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fc9bbca8f650e5f738af8806317c0a041a48ae4a; https://nvd.nist.gov/vuln/detail/CVE-2013-2596",
      "product": "Kernel",
      "requiredAction": "Apply updates per vendor instructions.",
      "shortDescription": "Linux kernel fb_mmap function in drivers/video/fbmem.c contains an integer overflow vulnerability that allows for privilege escalation.",
      "vendorProject": "Linux",
      "vulnerabilityName": "Linux Kernel Integer Overflow Vulnerability"
    },
    "epss": {
      "cve": "CVE-2013-2596",
      "date": "2026-05-21",
      "epss": "0.03131",
      "percentile": "0.87029"
    },
    "fkie_nvd": {
      "cisaActionDue": "2022-10-06",
      "cisaExploitAdd": "2022-09-15",
      "cisaRequiredAction": "Apply updates per vendor instructions.",
      "cisaVulnerabilityName": "Linux Kernel Integer Overflow Vulnerability",
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"2.6.12\", \"versionEndExcluding\": \"3.0.75\", \"matchCriteriaId\": \"F6BFD971-9FC9-4D37-99FC-9E39178942E2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"3.1\", \"versionEndExcluding\": \"3.2.45\", \"matchCriteriaId\": \"88DA168C-393B-4853-8034-6E9099CC9623\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"3.3\", \"versionEndExcluding\": \"3.4.42\", \"matchCriteriaId\": \"8FECB4AF-F9DF-44E3-BD62-741D5D129053\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"3.5\", \"versionEndExcluding\": \"3.8.9\", \"matchCriteriaId\": \"7E3C2571-AFE5-4ED0-810D-232092DD0220\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:motorola:android:4.1.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"62EFFAAF-F122-4019-8554-9E9CEF73CDAE\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:motorola:atrix_hd:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"75B24D97-F98A-4A1A-B20E-EB6D610C71EA\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:motorola:razr_hd:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A5D2D0B7-8170-46F2-9FC8-2DDD3E96DE66\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:motorola:razr_m:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"01FE07B3-068A-4C2A-A985-631070C17F51\"}, {\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:qualcomm:msm8960:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"73B9587B-78D0-4057-B694-E1E6655F624F\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted /dev/graphics/fb0 mmap2 system calls, as demonstrated by the Motochopper pwn program.\"}, {\"lang\": \"es\", \"value\": \"Una determinada version de Android v4.1.2 en dispositivos Motorola Razr HD, Razr M, y Atrix HD con el chipset Qualcomm MSM8960 permite a atacantes f\\u00edsicamente pr\\u00f3ximos obtener acceso de root entrando en el modo de depuraci\\u00f3n USB, usando Android Debug Bridge (ADB) para establecer una conexi\\u00f3n USB, y cargar y ejecutar el programa pwn Motochopper.\"}]",
      "id": "CVE-2013-2596",
      "lastModified": "2024-12-20T03:56:38.760",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:M/Au:N/C:C/I:C/A:C\", \"baseScore\": 6.9, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.4, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": true, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2013-04-13T02:59:46.627",
      "references": "[{\"url\": \"http://forum.xda-developers.com/showthread.php?t=2255491\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b4cbb197c7e7a68dbad0d491242e3ca67420c13e\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fc9bbca8f650e5f738af8806317c0a041a48ae4a\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10761\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://marc.info/?l=linux-kernel\u0026m=136616837923938\u0026w=2\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-0695.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-0782.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-0803.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.droid-life.com/2013/04/09/root-method-released-for-droid-razr-hd-running-android-4-1-2-other-devices-too/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"http://www.droidrzr.com/index.php/topic/15208-root-motochopper-yet-another-android-root-exploit/\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Issue Tracking\"]}, {\"url\": \"http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.9\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Release Notes\"]}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2013:176\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/59264\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://github.com/torvalds/linux/commit/b4cbb197c7e7a68dbad0d491242e3ca67420c13e\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/torvalds/linux/commit/fc9bbca8f650e5f738af8806317c0a041a48ae4a\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Patch\"]}, {\"url\": \"http://forum.xda-developers.com/showthread.php?t=2255491\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\"]}, {\"url\": \"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b4cbb197c7e7a68dbad0d491242e3ca67420c13e\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fc9bbca8f650e5f738af8806317c0a041a48ae4a\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10761\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://marc.info/?l=linux-kernel\u0026m=136616837923938\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-0695.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-0782.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-0803.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://www.droid-life.com/2013/04/09/root-method-released-for-droid-razr-hd-running-android-4-1-2-other-devices-too/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Issue Tracking\", \"Third Party Advisory\"]}, {\"url\": \"http://www.droidrzr.com/index.php/topic/15208-root-motochopper-yet-another-android-root-exploit/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Issue Tracking\"]}, {\"url\": \"http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.9\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Release Notes\"]}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2013:176\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/59264\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://github.com/torvalds/linux/commit/b4cbb197c7e7a68dbad0d491242e3ca67420c13e\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}, {\"url\": \"https://github.com/torvalds/linux/commit/fc9bbca8f650e5f738af8806317c0a041a48ae4a\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Patch\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Analyzed",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-190\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2013-2596\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2013-04-13T02:59:46.627\",\"lastModified\":\"2026-04-21T18:14:34.783\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted /dev/graphics/fb0 mmap2 system calls, as demonstrated by the Motochopper pwn program.\"},{\"lang\":\"es\",\"value\":\"Una determinada version de Android v4.1.2 en dispositivos Motorola Razr HD, Razr M, y Atrix HD con el chipset Qualcomm MSM8960 permite a atacantes f\u00edsicamente pr\u00f3ximos obtener acceso de root entrando en el modo de depuraci\u00f3n USB, usando Android Debug Bridge (ADB) para establecer una conexi\u00f3n USB, y cargar y ejecutar el programa pwn Motochopper.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":6.9,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.4,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"cisaExploitAdd\":\"2022-09-15\",\"cisaActionDue\":\"2022-10-06\",\"cisaRequiredAction\":\"Apply updates per vendor instructions.\",\"cisaVulnerabilityName\":\"Linux Kernel Integer Overflow Vulnerability\",\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-190\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-190\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.6.12\",\"versionEndExcluding\":\"3.0.75\",\"matchCriteriaId\":\"F6BFD971-9FC9-4D37-99FC-9E39178942E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.1\",\"versionEndExcluding\":\"3.2.45\",\"matchCriteriaId\":\"88DA168C-393B-4853-8034-6E9099CC9623\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.3\",\"versionEndExcluding\":\"3.4.42\",\"matchCriteriaId\":\"8FECB4AF-F9DF-44E3-BD62-741D5D129053\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.5\",\"versionEndExcluding\":\"3.8.9\",\"matchCriteriaId\":\"7E3C2571-AFE5-4ED0-810D-232092DD0220\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:motorola:android:4.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62EFFAAF-F122-4019-8554-9E9CEF73CDAE\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:motorola:atrix_hd:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"75B24D97-F98A-4A1A-B20E-EB6D610C71EA\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:motorola:razr_hd:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5D2D0B7-8170-46F2-9FC8-2DDD3E96DE66\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:motorola:razr_m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"01FE07B3-068A-4C2A-A985-631070C17F51\"},{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:qualcomm:msm8960:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"73B9587B-78D0-4057-B694-E1E6655F624F\"}]}]}],\"references\":[{\"url\":\"http://forum.xda-developers.com/showthread.php?t=2255491\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\"]},{\"url\":\"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b4cbb197c7e7a68dbad0d491242e3ca67420c13e\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fc9bbca8f650e5f738af8806317c0a041a48ae4a\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10761\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=linux-kernel\u0026m=136616837923938\u0026w=2\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-0695.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-0782.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-0803.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.droid-life.com/2013/04/09/root-method-released-for-droid-razr-hd-running-android-4-1-2-other-devices-too/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"http://www.droidrzr.com/index.php/topic/15208-root-motochopper-yet-another-android-root-exploit/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Issue Tracking\"]},{\"url\":\"http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.9\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Release Notes\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2013:176\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/59264\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://github.com/torvalds/linux/commit/b4cbb197c7e7a68dbad0d491242e3ca67420c13e\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/torvalds/linux/commit/fc9bbca8f650e5f738af8806317c0a041a48ae4a\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"http://forum.xda-developers.com/showthread.php?t=2255491\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\"]},{\"url\":\"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b4cbb197c7e7a68dbad0d491242e3ca67420c13e\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fc9bbca8f650e5f738af8806317c0a041a48ae4a\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10761\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://marc.info/?l=linux-kernel\u0026m=136616837923938\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-0695.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-0782.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2015-0803.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.droid-life.com/2013/04/09/root-method-released-for-droid-razr-hd-running-android-4-1-2-other-devices-too/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\",\"Third Party Advisory\"]},{\"url\":\"http://www.droidrzr.com/index.php/topic/15208-root-motochopper-yet-another-android-root-exploit/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Issue Tracking\"]},{\"url\":\"http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.9\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Release Notes\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDVSA-2013:176\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/59264\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://github.com/torvalds/linux/commit/b4cbb197c7e7a68dbad0d491242e3ca67420c13e\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://github.com/torvalds/linux/commit/fc9bbca8f650e5f738af8806317c0a041a48ae4a\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-2596\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"US Government Resource\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-0695.html\", \"name\": \"RHSA-2015:0695\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/bid/59264\", \"name\": \"59264\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"http://www.droid-life.com/2013/04/09/root-method-released-for-droid-razr-hd-running-android-4-1-2-other-devices-too/\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2013:176\", \"name\": \"MDVSA-2013:176\", \"tags\": [\"vendor-advisory\", \"x_refsource_MANDRIVA\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=linux-kernel\u0026m=136616837923938\u0026w=2\", \"name\": \"[linux-kernel] 20130417 Device driver memory \u0027mmap()\u0027 function helper cleanup\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\", \"x_transferred\"]}, {\"url\": \"https://github.com/torvalds/linux/commit/b4cbb197c7e7a68dbad0d491242e3ca67420c13e\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b4cbb197c7e7a68dbad0d491242e3ca67420c13e\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-0803.html\", \"name\": \"RHSA-2015:0803\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://forum.xda-developers.com/showthread.php?t=2255491\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://www.droidrzr.com/index.php/topic/15208-root-motochopper-yet-another-android-root-exploit/\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.9\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-0782.html\", \"name\": \"RHSA-2015:0782\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\", \"x_transferred\"]}, {\"url\": \"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10761\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://github.com/torvalds/linux/commit/fc9bbca8f650e5f738af8806317c0a041a48ae4a\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fc9bbca8f650e5f738af8806317c0a041a48ae4a\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-06T15:44:32.640Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.8, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2013-2596\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"active\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-05-01T03:55:10.585625Z\"}}}, {\"other\": {\"type\": \"kev\", \"content\": {\"dateAdded\": \"2022-09-15\", \"reference\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-2596\"}}}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2022-09-15T00:00:00.000Z\", \"value\": \"CVE-2013-2596 added to CISA KEV\"}], \"references\": [{\"url\": \"https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-2596\", \"tags\": [\"government-resource\"]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-190\", \"description\": \"CWE-190 Integer Overflow or Wraparound\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-07T14:12:55.491Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"datePublic\": \"2013-04-09T00:00:00.000Z\", \"references\": [{\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-0695.html\", \"name\": \"RHSA-2015:0695\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://www.securityfocus.com/bid/59264\", \"name\": \"59264\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"http://www.droid-life.com/2013/04/09/root-method-released-for-droid-razr-hd-running-android-4-1-2-other-devices-too/\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2013:176\", \"name\": \"MDVSA-2013:176\", \"tags\": [\"vendor-advisory\", \"x_refsource_MANDRIVA\"]}, {\"url\": \"http://marc.info/?l=linux-kernel\u0026m=136616837923938\u0026w=2\", \"name\": \"[linux-kernel] 20130417 Device driver memory \u0027mmap()\u0027 function helper cleanup\", \"tags\": [\"mailing-list\", \"x_refsource_MLIST\"]}, {\"url\": \"https://github.com/torvalds/linux/commit/b4cbb197c7e7a68dbad0d491242e3ca67420c13e\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b4cbb197c7e7a68dbad0d491242e3ca67420c13e\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-0803.html\", \"name\": \"RHSA-2015:0803\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://forum.xda-developers.com/showthread.php?t=2255491\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://www.droidrzr.com/index.php/topic/15208-root-motochopper-yet-another-android-root-exploit/\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.9\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-0782.html\", \"name\": \"RHSA-2015:0782\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10761\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/torvalds/linux/commit/fc9bbca8f650e5f738af8806317c0a041a48ae4a\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fc9bbca8f650e5f738af8806317c0a041a48ae4a\", \"tags\": [\"x_refsource_CONFIRM\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted /dev/graphics/fb0 mmap2 system calls, as demonstrated by the Motochopper pwn program.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2016-12-29T21:57:01.000Z\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"n/a\"}]}, \"vendor_name\": \"n/a\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-0695.html\", \"name\": \"RHSA-2015:0695\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://www.securityfocus.com/bid/59264\", \"name\": \"59264\", \"refsource\": \"BID\"}, {\"url\": \"http://www.droid-life.com/2013/04/09/root-method-released-for-droid-razr-hd-running-android-4-1-2-other-devices-too/\", \"name\": \"http://www.droid-life.com/2013/04/09/root-method-released-for-droid-razr-hd-running-android-4-1-2-other-devices-too/\", \"refsource\": \"MISC\"}, {\"url\": \"http://www.mandriva.com/security/advisories?name=MDVSA-2013:176\", \"name\": \"MDVSA-2013:176\", \"refsource\": \"MANDRIVA\"}, {\"url\": \"http://marc.info/?l=linux-kernel\u0026m=136616837923938\u0026w=2\", \"name\": \"[linux-kernel] 20130417 Device driver memory \u0027mmap()\u0027 function helper cleanup\", \"refsource\": \"MLIST\"}, {\"url\": \"https://github.com/torvalds/linux/commit/b4cbb197c7e7a68dbad0d491242e3ca67420c13e\", \"name\": \"https://github.com/torvalds/linux/commit/b4cbb197c7e7a68dbad0d491242e3ca67420c13e\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html\", \"name\": \"http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=b4cbb197c7e7a68dbad0d491242e3ca67420c13e\", \"name\": \"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=b4cbb197c7e7a68dbad0d491242e3ca67420c13e\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-0803.html\", \"name\": \"RHSA-2015:0803\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://forum.xda-developers.com/showthread.php?t=2255491\", \"name\": \"http://forum.xda-developers.com/showthread.php?t=2255491\", \"refsource\": \"MISC\"}, {\"url\": \"http://www.droidrzr.com/index.php/topic/15208-root-motochopper-yet-another-android-root-exploit/\", \"name\": \"http://www.droidrzr.com/index.php/topic/15208-root-motochopper-yet-another-android-root-exploit/\", \"refsource\": \"MISC\"}, {\"url\": \"http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.9\", \"name\": \"http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.9\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://rhn.redhat.com/errata/RHSA-2015-0782.html\", \"name\": \"RHSA-2015:0782\", \"refsource\": \"REDHAT\"}, {\"url\": \"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10761\", \"name\": \"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10761\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://github.com/torvalds/linux/commit/fc9bbca8f650e5f738af8806317c0a041a48ae4a\", \"name\": \"https://github.com/torvalds/linux/commit/fc9bbca8f650e5f738af8806317c0a041a48ae4a\", \"refsource\": \"CONFIRM\"}, {\"url\": \"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=fc9bbca8f650e5f738af8806317c0a041a48ae4a\", \"name\": \"http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=fc9bbca8f650e5f738af8806317c0a041a48ae4a\", \"refsource\": \"CONFIRM\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted /dev/graphics/fb0 mmap2 system calls, as demonstrated by the Motochopper pwn program.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"n/a\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2013-2596\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"cve@mitre.org\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2013-2596\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-22T00:05:43.277Z\", \"dateReserved\": \"2013-03-15T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2013-04-13T01:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

CERTA-2013-AVI-375

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans le noyau Linux de Mandriva. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service et une atteinte à la confidentialité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Mandriva Business Server 1

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Mandriva MDVSA-2013:176 du 24 juin 2013	None	vendor-advisory
Bulletin de sécurité Mandriva MDVSA-2013:176 du 24 juin 2013	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eMandriva Business Server 1\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2013-2546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2546"
    },
    {
      "name": "CVE-2013-3228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3228"
    },
    {
      "name": "CVE-2013-1979",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1979"
    },
    {
      "name": "CVE-2013-0217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0217"
    },
    {
      "name": "CVE-2013-0290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0290"
    },
    {
      "name": "CVE-2013-3225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3225"
    },
    {
      "name": "CVE-2013-3235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3235"
    },
    {
      "name": "CVE-2013-0914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0914"
    },
    {
      "name": "CVE-2013-3233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3233"
    },
    {
      "name": "CVE-2013-3223",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3223"
    },
    {
      "name": "CVE-2013-1929",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1929"
    },
    {
      "name": "CVE-2013-1860",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1860"
    },
    {
      "name": "CVE-2013-2635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2635"
    },
    {
      "name": "CVE-2013-0216",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0216"
    },
    {
      "name": "CVE-2013-1798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1798"
    },
    {
      "name": "CVE-2013-2548",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2548"
    },
    {
      "name": "CVE-2013-2634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2634"
    },
    {
      "name": "CVE-2013-3234",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3234"
    },
    {
      "name": "CVE-2013-3222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3222"
    },
    {
      "name": "CVE-2013-2094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2094"
    },
    {
      "name": "CVE-2013-1767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1767"
    },
    {
      "name": "CVE-2012-6548",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-6548"
    },
    {
      "name": "CVE-2013-1797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1797"
    },
    {
      "name": "CVE-2013-3231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3231"
    },
    {
      "name": "CVE-2013-1792",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1792"
    },
    {
      "name": "CVE-2013-2547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2547"
    },
    {
      "name": "CVE-2013-3229",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3229"
    },
    {
      "name": "CVE-2013-0311",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0311"
    },
    {
      "name": "CVE-2013-1796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1796"
    },
    {
      "name": "CVE-2013-2596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2596"
    },
    {
      "name": "CVE-2013-2141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2141"
    },
    {
      "name": "CVE-2013-0228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0228"
    },
    {
      "name": "CVE-2013-3227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3227"
    },
    {
      "name": "CVE-2012-6547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-6547"
    },
    {
      "name": "CVE-2013-3232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3232"
    },
    {
      "name": "CVE-2012-5532",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5532"
    },
    {
      "name": "CVE-2012-6549",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-6549"
    },
    {
      "name": "CVE-2013-3224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3224"
    },
    {
      "name": "CVE-2012-2669",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2669"
    },
    {
      "name": "CVE-2013-1848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1848"
    },
    {
      "name": "CVE-2013-2146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2146"
    },
    {
      "name": "CVE-2013-1763",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1763"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDVSA-2013:176 du 24 juin    2013",
      "url": "http://www.mandriva.com/fr/support/security/advisories/mbs1/MDVSA-2013:176/"
    }
  ],
  "reference": "CERTA-2013-AVI-375",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2013-06-26T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans le noyau Linux de\n\u003cspan class=\"textit\"\u003eMandriva\u003c/span\u003e. Certaines d\u0027entre elles permettent\n\u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, un d\u00e9ni de\nservice et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de Mandriva",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDVSA-2013:176 du 24 juin 2013",
      "url": null
    }
  ]
}

CERTFR-2014-AVI-416

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans le noyau Linux de Red Hat. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, un déni de service et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Red Hat	Red Hat Enterprise Linux	Red Hat Enterprise Linux Desktop 6
Red Hat	Red Hat Enterprise Linux	Red Hat Enterprise Linux Workstation 6
Red Hat	Red Hat Enterprise Linux	Red Hat Enterprise Linux HPC Node 6
Red Hat	Red Hat Enterprise Linux Server	Red Hat Enterprise Linux Server 6

References

Title

Publication Time

Tags

Bulletin de sécurité Red Hat RHSA-2014:1392-2 du 14 octobre 2014	None	vendor-advisory
Bulletin de sécurité Red Hat RHSA-2014:1392-2 du 14 octobre 2014	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Red Hat Enterprise Linux Desktop 6",
      "product": {
        "name": "Red Hat Enterprise Linux",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux Workstation 6",
      "product": {
        "name": "Red Hat Enterprise Linux",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux HPC Node 6",
      "product": {
        "name": "Red Hat Enterprise Linux",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux Server 6",
      "product": {
        "name": "Red Hat Enterprise Linux Server",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2014-3122",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3122"
    },
    {
      "name": "CVE-2014-5045",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-5045"
    },
    {
      "name": "CVE-2013-4483",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4483"
    },
    {
      "name": "CVE-2014-5077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-5077"
    },
    {
      "name": "CVE-2014-4608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4608"
    },
    {
      "name": "CVE-2014-4655",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4655"
    },
    {
      "name": "CVE-2014-0181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0181"
    },
    {
      "name": "CVE-2014-3601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3601"
    },
    {
      "name": "CVE-2013-2596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2596"
    },
    {
      "name": "CVE-2014-4653",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4653"
    },
    {
      "name": "CVE-2014-4654",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4654"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2014:1392-2 du 14 octobre    2014",
      "url": "https://rhn.redhat.com/errata/RHSA-2014-1392.html"
    }
  ],
  "reference": "CERTFR-2014-AVI-416",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2014-10-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans le noyau Linux de\n\u003cspan class=\"textit\"\u003eRed Hat\u003c/span\u003e. Certaines d\u0027entre elles permettent\n\u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance, un d\u00e9ni de\nservice et un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de Red Hat",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2014:1392-2 du 14 octobre 2014",
      "url": null
    }
  ]
}

CERTFR-2014-AVI-450

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans Oracle Linux. Elles permettent à un attaquant de provoquer un déni de service et une élévation de privilèges.

Contournement provisoire

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Oracle Linux 6

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Oracle du 28 octobre 2014

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eOracle Linux 6\u003c/P\u003e",
  "content": "## Contournement provisoire\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2014-3122",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3122"
    },
    {
      "name": "CVE-2014-5045",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-5045"
    },
    {
      "name": "CVE-2013-4483",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4483"
    },
    {
      "name": "CVE-2014-5077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-5077"
    },
    {
      "name": "CVE-2014-4608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4608"
    },
    {
      "name": "CVE-2014-4655",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4655"
    },
    {
      "name": "CVE-2014-0181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0181"
    },
    {
      "name": "CVE-2014-3601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3601"
    },
    {
      "name": "CVE-2013-2596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2596"
    },
    {
      "name": "CVE-2014-4653",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4653"
    },
    {
      "name": "CVE-2014-4654",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4654"
    }
  ],
  "links": [],
  "reference": "CERTFR-2014-AVI-450",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2014-10-29T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eOracle Linux\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer un d\u00e9ni de service et une \u00e9l\u00e9vation de privil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Linux",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle du 28 octobre 2014",
      "url": "http://linux.oracle.com/errata/ELSA-2014-1392.html"
    }
  ]
}

CERTFR-2015-AVI-136

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans le noyau LinuxRed Hat. Elles permettent à un attaquant de provoquer un déni de service à distance, un déni de service et une élévation de privilèges.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Red Hat	Red Hat Enterprise Linux Server	Red Hat Entreprise Linux Server EUS (v 6.5.z)
	Red Hat	Red Hat Enterprise Linux Server	Red Hat Enterprise Linux Server AUS (v. 6.5)

References

Title

Publication Time

Tags

Bulletin de sécurité Red Hat RHSA-2015:0782-1 du 07 avril 2015	None	vendor-advisory
Bulletin de sécurité Red Hat RHSA-2015:0782-1 du 07 avril 2015	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Red Hat Entreprise Linux Server EUS (v 6.5.z)",
      "product": {
        "name": "Red Hat Enterprise Linux Server",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux Server AUS (v. 6.5)",
      "product": {
        "name": "Red Hat Enterprise Linux Server",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2014-8159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8159"
    },
    {
      "name": "CVE-2014-3690",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3690"
    },
    {
      "name": "CVE-2014-5472",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-5472"
    },
    {
      "name": "CVE-2014-5471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-5471"
    },
    {
      "name": "CVE-2015-1421",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1421"
    },
    {
      "name": "CVE-2014-8884",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8884"
    },
    {
      "name": "CVE-2013-2596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2596"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2015:0782-1 du 07 avril    2015",
      "url": "https://rhn.redhat.com/errata/RHSA-2015-0782.html"
    }
  ],
  "reference": "CERTFR-2015-AVI-136",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2015-04-08T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans le noyau Linux\u003cspan\nclass=\"textit\"\u003eRed Hat\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer un d\u00e9ni de service \u00e0 distance, un d\u00e9ni de service et une\n\u00e9l\u00e9vation de privil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Red Hat Enterprise Linux Server",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2015:0782-1 du 07 avril 2015",
      "url": null
    }
  ]
}

CERTFR-2015-AVI-164

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans le noyau Linux de Red-Hat. Elles permettent à un attaquant de provoquer un déni de service et une élévation de privilèges.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Red Hat Enterprise Linux 6.4

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Red-Hat RHSA-2015:0803-1 du 14 avril 2015	None	vendor-advisory
Bulletin de sécurité Red-Hat RHSA-2015:0803-1 du 14 avril 2015	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eRed Hat Enterprise Linux 6.4\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2014-8159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8159"
    },
    {
      "name": "CVE-2014-5472",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-5472"
    },
    {
      "name": "CVE-2014-5471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-5471"
    },
    {
      "name": "CVE-2013-2596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2596"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Red-Hat RHSA-2015:0803-1 du 14 avril    2015",
      "url": "https://rhn.redhat.com/errata/RHSA-2015-0803.html"
    }
  ],
  "reference": "CERTFR-2015-AVI-164",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2015-04-15T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans le noyau Linux de\n\u003cspan class=\"textit\"\u003eRed-Hat\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer un d\u00e9ni de service et une \u00e9l\u00e9vation de privil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de Red-Hat",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Red-Hat RHSA-2015:0803-1 du 14 avril 2015",
      "url": null
    }
  ]
}

CERTFR-2016-AVI-344

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un contournement de la politique de sécurité.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Juniper Networks	N/A	Junos OS avec J-Web activé versions antérieures à 12.1X44-D60, 12.1X46-D40, 12.1X47-D30, 12.3R11, 12.3X48-D20, 13.2X51-D39, 13.2X51-D40, 13.3R9, 14.1R6, 14.2R6, 15.1R3, 15.1X49-D20 et 16.1R1
Juniper Networks	Junos OS	Junos OS avec IPv6 versions antérieures à 11.4R13, 12.1X44-D45, 12.1X46-D30, 12.1X47-D20, 12.3R9 et 13.3R5
Juniper Networks	N/A	vMX versions antérieures à 14.1R8, 15.1F6 et 16.1
Juniper Networks	Junos OS	Junos OS versions antérieures à 12.1X46-D60, 12.1X47-D45, 12.3R12, 12.3X48-D35, 13.2R9, 13.3R9, 14.1R7, 14.1X53-D40, 14.1X55-D35, 14.2R5, 15.1F4, 15.1R3, 15.1X49-D60, 15.1X53-D70, 16.1R1

References

Title

Publication Time

Tags

Bulletin de sécurité Juniper JSA10763 du 13 octobre 2016	None	vendor-advisory
Bulletin de sécurité Juniper JSA10764 du 13 octobre 2016	None	vendor-advisory
Bulletin de sécurité Juniper JSA10766 du 13 octobre 2016	None	vendor-advisory
Bulletin de sécurité Juniper JSA10762 du 13 octobre 2016	None	vendor-advisory
Bulletin de sécurité Juniper JSA10761 du 13 octobre 2016	None	vendor-advisory
Bulletin de sécurité Juniper JSA10760 du 13 octobre 2016	None	vendor-advisory
Bulletin de sécurité Juniper JSA10767 du 13 octobre 2016	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Junos OS avec J-Web activ\u00e9 versions ant\u00e9rieures \u00e0 12.1X44-D60, 12.1X46-D40, 12.1X47-D30, 12.3R11, 12.3X48-D20, 13.2X51-D39, 13.2X51-D40, 13.3R9, 14.1R6, 14.2R6, 15.1R3, 15.1X49-D20 et 16.1R1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS avec IPv6 versions ant\u00e9rieures \u00e0 11.4R13, 12.1X44-D45, 12.1X46-D30, 12.1X47-D20, 12.3R9 et 13.3R5",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "vMX versions ant\u00e9rieures \u00e0 14.1R8, 15.1F6 et 16.1",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    },
    {
      "description": "Junos OS versions ant\u00e9rieures \u00e0 12.1X46-D60, 12.1X47-D45, 12.3R12, 12.3X48-D35, 13.2R9, 13.3R9, 14.1R7, 14.1X53-D40, 14.1X55-D35, 14.2R5, 15.1F4, 15.1R3, 15.1X49-D60, 15.1X53-D70, 16.1R1",
      "product": {
        "name": "Junos OS",
        "vendor": {
          "name": "Juniper Networks",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2016-4926",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4926"
    },
    {
      "name": "CVE-2013-1741",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1741"
    },
    {
      "name": "CVE-2013-5606",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5606"
    },
    {
      "name": "CVE-2011-2749",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2749"
    },
    {
      "name": "CVE-2013-1620",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1620"
    },
    {
      "name": "CVE-2015-3195",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3195"
    },
    {
      "name": "CVE-2016-4925",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4925"
    },
    {
      "name": "CVE-2016-4931",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4931"
    },
    {
      "name": "CVE-2013-1739",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1739"
    },
    {
      "name": "CVE-2013-5605",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5605"
    },
    {
      "name": "CVE-2016-4921",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4921"
    },
    {
      "name": "CVE-2013-5607",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-5607"
    },
    {
      "name": "CVE-2013-0791",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0791"
    },
    {
      "name": "CVE-2015-3194",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3194"
    },
    {
      "name": "CVE-2016-4927",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4927"
    },
    {
      "name": "CVE-2014-1491",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1491"
    },
    {
      "name": "CVE-2014-1492",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1492"
    },
    {
      "name": "CVE-2016-4928",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4928"
    },
    {
      "name": "CVE-2013-0169",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0169"
    },
    {
      "name": "CVE-2016-4922",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4922"
    },
    {
      "name": "CVE-2014-1568",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1568"
    },
    {
      "name": "CVE-2011-2748",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-2748"
    },
    {
      "name": "CVE-2015-1794",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1794"
    },
    {
      "name": "CVE-2015-5366",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5366"
    },
    {
      "name": "CVE-2014-1490",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1490"
    },
    {
      "name": "CVE-2011-0997",
      "url": "https://www.cve.org/CVERecord?id=CVE-2011-0997"
    },
    {
      "name": "CVE-2016-4924",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4924"
    },
    {
      "name": "CVE-2015-3193",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3193"
    },
    {
      "name": "CVE-2015-5364",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-5364"
    },
    {
      "name": "CVE-2013-2596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2596"
    },
    {
      "name": "CVE-2012-3571",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-3571"
    },
    {
      "name": "CVE-2015-3196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-3196"
    },
    {
      "name": "CVE-2016-4929",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4929"
    },
    {
      "name": "CVE-2016-4930",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4930"
    },
    {
      "name": "CVE-2015-2151",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-2151"
    },
    {
      "name": "CVE-2014-1545",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-1545"
    },
    {
      "name": "CVE-2016-4923",
      "url": "https://www.cve.org/CVERecord?id=CVE-2016-4923"
    }
  ],
  "links": [],
  "reference": "CERTFR-2016-AVI-344",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2016-10-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    },
    {
      "description": "Injection de code indirecte \u00e0 distance"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eles produits Juniper\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et un contournement de la\npolitique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10763 du 13 octobre 2016",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10763\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10764 du 13 octobre 2016",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10764\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10766 du 13 octobre 2016",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10766\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10762 du 13 octobre 2016",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10762\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10761 du 13 octobre 2016",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10761\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10760 du 13 octobre 2016",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10760\u0026cat=SIRT_1\u0026actp=LIST"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10767 du 13 octobre 2016",
      "url": "https://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10767\u0026cat=SIRT_1\u0026actp=LIST"
    }
  ]
}

CERTA-2013-AVI-375

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Mandriva Business Server 1

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Mandriva MDVSA-2013:176 du 24 juin 2013	None	vendor-advisory
Bulletin de sécurité Mandriva MDVSA-2013:176 du 24 juin 2013	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eMandriva Business Server 1\u003c/P\u003e",
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2013-2546",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2546"
    },
    {
      "name": "CVE-2013-3228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3228"
    },
    {
      "name": "CVE-2013-1979",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1979"
    },
    {
      "name": "CVE-2013-0217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0217"
    },
    {
      "name": "CVE-2013-0290",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0290"
    },
    {
      "name": "CVE-2013-3225",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3225"
    },
    {
      "name": "CVE-2013-3235",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3235"
    },
    {
      "name": "CVE-2013-0914",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0914"
    },
    {
      "name": "CVE-2013-3233",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3233"
    },
    {
      "name": "CVE-2013-3223",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3223"
    },
    {
      "name": "CVE-2013-1929",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1929"
    },
    {
      "name": "CVE-2013-1860",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1860"
    },
    {
      "name": "CVE-2013-2635",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2635"
    },
    {
      "name": "CVE-2013-0216",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0216"
    },
    {
      "name": "CVE-2013-1798",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1798"
    },
    {
      "name": "CVE-2013-2548",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2548"
    },
    {
      "name": "CVE-2013-2634",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2634"
    },
    {
      "name": "CVE-2013-3234",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3234"
    },
    {
      "name": "CVE-2013-3222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3222"
    },
    {
      "name": "CVE-2013-2094",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2094"
    },
    {
      "name": "CVE-2013-1767",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1767"
    },
    {
      "name": "CVE-2012-6548",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-6548"
    },
    {
      "name": "CVE-2013-1797",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1797"
    },
    {
      "name": "CVE-2013-3231",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3231"
    },
    {
      "name": "CVE-2013-1792",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1792"
    },
    {
      "name": "CVE-2013-2547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2547"
    },
    {
      "name": "CVE-2013-3229",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3229"
    },
    {
      "name": "CVE-2013-0311",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0311"
    },
    {
      "name": "CVE-2013-1796",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1796"
    },
    {
      "name": "CVE-2013-2596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2596"
    },
    {
      "name": "CVE-2013-2141",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2141"
    },
    {
      "name": "CVE-2013-0228",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-0228"
    },
    {
      "name": "CVE-2013-3227",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3227"
    },
    {
      "name": "CVE-2012-6547",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-6547"
    },
    {
      "name": "CVE-2013-3232",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3232"
    },
    {
      "name": "CVE-2012-5532",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-5532"
    },
    {
      "name": "CVE-2012-6549",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-6549"
    },
    {
      "name": "CVE-2013-3224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-3224"
    },
    {
      "name": "CVE-2012-2669",
      "url": "https://www.cve.org/CVERecord?id=CVE-2012-2669"
    },
    {
      "name": "CVE-2013-1848",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1848"
    },
    {
      "name": "CVE-2013-2146",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2146"
    },
    {
      "name": "CVE-2013-1763",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-1763"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDVSA-2013:176 du 24 juin    2013",
      "url": "http://www.mandriva.com/fr/support/security/advisories/mbs1/MDVSA-2013:176/"
    }
  ],
  "reference": "CERTA-2013-AVI-375",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2013-06-26T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans le noyau Linux de\n\u003cspan class=\"textit\"\u003eMandriva\u003c/span\u003e. Certaines d\u0027entre elles permettent\n\u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire, un d\u00e9ni de\nservice et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de Mandriva",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Mandriva MDVSA-2013:176 du 24 juin 2013",
      "url": null
    }
  ]
}

CERTFR-2014-AVI-416

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Red Hat	Red Hat Enterprise Linux	Red Hat Enterprise Linux Desktop 6
Red Hat	Red Hat Enterprise Linux	Red Hat Enterprise Linux Workstation 6
Red Hat	Red Hat Enterprise Linux	Red Hat Enterprise Linux HPC Node 6
Red Hat	Red Hat Enterprise Linux Server	Red Hat Enterprise Linux Server 6

References

Title

Publication Time

Tags

Bulletin de sécurité Red Hat RHSA-2014:1392-2 du 14 octobre 2014	None	vendor-advisory
Bulletin de sécurité Red Hat RHSA-2014:1392-2 du 14 octobre 2014	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Red Hat Enterprise Linux Desktop 6",
      "product": {
        "name": "Red Hat Enterprise Linux",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux Workstation 6",
      "product": {
        "name": "Red Hat Enterprise Linux",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux HPC Node 6",
      "product": {
        "name": "Red Hat Enterprise Linux",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux Server 6",
      "product": {
        "name": "Red Hat Enterprise Linux Server",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2014-3122",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3122"
    },
    {
      "name": "CVE-2014-5045",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-5045"
    },
    {
      "name": "CVE-2013-4483",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4483"
    },
    {
      "name": "CVE-2014-5077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-5077"
    },
    {
      "name": "CVE-2014-4608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4608"
    },
    {
      "name": "CVE-2014-4655",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4655"
    },
    {
      "name": "CVE-2014-0181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0181"
    },
    {
      "name": "CVE-2014-3601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3601"
    },
    {
      "name": "CVE-2013-2596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2596"
    },
    {
      "name": "CVE-2014-4653",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4653"
    },
    {
      "name": "CVE-2014-4654",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4654"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2014:1392-2 du 14 octobre    2014",
      "url": "https://rhn.redhat.com/errata/RHSA-2014-1392.html"
    }
  ],
  "reference": "CERTFR-2014-AVI-416",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2014-10-14T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans le noyau Linux de\n\u003cspan class=\"textit\"\u003eRed Hat\u003c/span\u003e. Certaines d\u0027entre elles permettent\n\u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance, un d\u00e9ni de\nservice et un contournement de la politique de s\u00e9curit\u00e9.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de Red Hat",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2014:1392-2 du 14 octobre 2014",
      "url": null
    }
  ]
}

CERTFR-2014-AVI-450

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été corrigées dans Oracle Linux. Elles permettent à un attaquant de provoquer un déni de service et une élévation de privilèges.

Contournement provisoire

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Oracle Linux 6

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Oracle du 28 octobre 2014

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cP\u003eOracle Linux 6\u003c/P\u003e",
  "content": "## Contournement provisoire\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2014-3122",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3122"
    },
    {
      "name": "CVE-2014-5045",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-5045"
    },
    {
      "name": "CVE-2013-4483",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-4483"
    },
    {
      "name": "CVE-2014-5077",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-5077"
    },
    {
      "name": "CVE-2014-4608",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4608"
    },
    {
      "name": "CVE-2014-4655",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4655"
    },
    {
      "name": "CVE-2014-0181",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-0181"
    },
    {
      "name": "CVE-2014-3601",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3601"
    },
    {
      "name": "CVE-2013-2596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2596"
    },
    {
      "name": "CVE-2014-4653",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4653"
    },
    {
      "name": "CVE-2014-4654",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-4654"
    }
  ],
  "links": [],
  "reference": "CERTFR-2014-AVI-450",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2014-10-29T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans \u003cspan\nclass=\"textit\"\u003eOracle Linux\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer un d\u00e9ni de service et une \u00e9l\u00e9vation de privil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Linux",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Oracle du 28 octobre 2014",
      "url": "http://linux.oracle.com/errata/ELSA-2014-1392.html"
    }
  ]
}

CERTFR-2015-AVI-136

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

	Vendor	Product	Description
	Red Hat	Red Hat Enterprise Linux Server	Red Hat Entreprise Linux Server EUS (v 6.5.z)
	Red Hat	Red Hat Enterprise Linux Server	Red Hat Enterprise Linux Server AUS (v. 6.5)

References

Title

Publication Time

Tags

Bulletin de sécurité Red Hat RHSA-2015:0782-1 du 07 avril 2015	None	vendor-advisory
Bulletin de sécurité Red Hat RHSA-2015:0782-1 du 07 avril 2015	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Red Hat Entreprise Linux Server EUS (v 6.5.z)",
      "product": {
        "name": "Red Hat Enterprise Linux Server",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    },
    {
      "description": "Red Hat Enterprise Linux Server AUS (v. 6.5)",
      "product": {
        "name": "Red Hat Enterprise Linux Server",
        "vendor": {
          "name": "Red Hat",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2014-8159",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8159"
    },
    {
      "name": "CVE-2014-3690",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-3690"
    },
    {
      "name": "CVE-2014-5472",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-5472"
    },
    {
      "name": "CVE-2014-5471",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-5471"
    },
    {
      "name": "CVE-2015-1421",
      "url": "https://www.cve.org/CVERecord?id=CVE-2015-1421"
    },
    {
      "name": "CVE-2014-8884",
      "url": "https://www.cve.org/CVERecord?id=CVE-2014-8884"
    },
    {
      "name": "CVE-2013-2596",
      "url": "https://www.cve.org/CVERecord?id=CVE-2013-2596"
    }
  ],
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2015:0782-1 du 07 avril    2015",
      "url": "https://rhn.redhat.com/errata/RHSA-2015-0782.html"
    }
  ],
  "reference": "CERTFR-2015-AVI-136",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2015-04-08T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans le noyau Linux\u003cspan\nclass=\"textit\"\u003eRed Hat\u003c/span\u003e. Elles permettent \u00e0 un attaquant de\nprovoquer un d\u00e9ni de service \u00e0 distance, un d\u00e9ni de service et une\n\u00e9l\u00e9vation de privil\u00e8ges.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Red Hat Enterprise Linux Server",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Red Hat RHSA-2015:0782-1 du 07 avril 2015",
      "url": null
    }
  ]
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2013-2596 (GCVE-0-2013-2596)

CISA KEV

Known Exploited Vulnerability - GCVE BCP-07 Compliant

Timestamps

Scope

Evidence

Vendor Report Successful Exploitation Confidence: 80% Source: cisa-kev

Details

References

Solution

Solution

Contournement provisoire

Solution

Solution

Solution

Solution

Solution

Contournement provisoire

Solution

Tags

Sightings

Nomenclature