COOEY // HUBcompliance · community · intelligence

Exposures › CVE-2013-6282

CVE-2013-6282

Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2022-09-15
Reference
https://nvd.nist.gov/vuln/detail/CVE-2013-6282
⌖ exploited in the wild shame 50/100 exploited-in-wild

The get_user and put_user API functions of the Linux kernel fail to validate the target address when being used on ARM v6k/v7 platforms. This allows an application to read and write kernel memory which could lead to privilege escalation.

Players implicated

linux · vendorKernel · product

Description

The get_user and put_user API functions of the Linux kernel fail to validate the target address when being used on ARM v6k/v7 platforms. This allows an application to read and write kernel memory which could lead to privilege escalation.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.