Rapid7 Vulnerability & Exploit Database

USN-2067-1: Linux kernel (OMAP4) vulnerabilities

Free InsightVM Trial No credit card necessary

Watch Demo See how it all works

Back to Search

USN-2067-1: Linux kernel (OMAP4) vulnerabilities

Severity

CVSS

(AV:L/AC:L/Au:N/C:C/I:C/A:C)

Published

11/20/2013

Created

07/25/2018

Added

04/08/2014

Modified

09/16/2022

Description

The (1) get_user and (2) put_user API functions in the Linux kernel before 3.5.5 on the v6k and v7 ARM platforms do not validate certain addresses, which allows attackers to read or modify the contents of arbitrary kernel memory locations via a crafted application, as exploited in the wild against Android devices in October and November 2013.

Solution(s)

ubuntu-upgrade-linux-image-3-2-0-1442-omap4

References

https://attackerkb.com/topics/cve-2013-4299
63359
63886
64013
64952
64953
CVE - 2013-4299
CVE - 2013-4470
CVE - 2013-4511
CVE - 2013-4514
CVE - 2013-4515
CVE - 2013-4592
CVE - 2013-6282
CVE - 2013-6378
CVE - 2013-6383
CVE - 2013-6763
CVE - 2013-7027
CVE - 2014-1444
CVE - 2014-1445
RHSA-2013:1436
RHSA-2013:1449
RHSA-2013:1450
RHSA-2013:1460
RHSA-2013:1490
RHSA-2013:1519
RHSA-2013:1520
RHSA-2013:1645
RHSA-2013:1783
RHSA-2013:1860
RHSA-2014:0100
RHSA-2014:0284
RHSA-2014:0285
USN-2067-1
90443
90444

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;