Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 491374 (CVE-2013-6282) - Kernel : missing access checks in get_user/put_user on ARM (CVE-2013-6282)
Summary: Kernel : missing access checks in get_user/put_user on ARM (CVE-2013-6282)
Alias: CVE-2013-6282
Product: Gentoo Security
Classification: Unclassified
Component: Kernel (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Kernel Security
Depends on:
Reported: 2013-11-15 20:26 UTC by Agostino Sarubbo
Modified: 2022-03-25 15:45 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Comment 1 GLSAMaker/CVETool Bot gentoo-dev 2013-11-27 21:53:37 UTC
CVE-2013-6282 (
  The (1) get_user and (2) put_user API functions in the Linux kernel before
  3.5.5 on the v6k and v7 ARM platforms do not validate certain addresses,
  which allows attackers to read or modify the contents of arbitrary kernel
  memory locations via a crafted application, as exploited in the wild against
  Android devices in October and November 2013.
Comment 2 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-03-25 15:45:41 UTC
In 3.5.5 onwards