CVE-2013-4511

Published: 12 November 2013

Multiple integer overflows in Alchemy LCD frame-buffer drivers in the Linux kernel before 3.12 allow local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted mmap operations, related to the (1) au1100fb_fb_mmap function in drivers/video/au1100fb.c and the (2) au1200fb_fb_mmap function in drivers/video/au1200fb.c.

From the Ubuntu security team

Multiple integer overflow flaws were discovered in the Alchemy LCD frame- buffer drivers in the Linux kernel. An unprivileged local user could exploit this flaw to gain administrative privileges.

Status

References

• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4511
• https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7314e613d
• http://www.openwall.com/lists/oss-security/2013/11/04
• https://ubuntu.com/security/notices/USN-2036-1
• https://ubuntu.com/security/notices/USN-2037-1
• https://ubuntu.com/security/notices/USN-2066-1
• https://ubuntu.com/security/notices/USN-2067-1
• https://ubuntu.com/security/notices/USN-2068-1
• https://ubuntu.com/security/notices/USN-2069-1
• https://ubuntu.com/security/notices/USN-2070-1
• https://ubuntu.com/security/notices/USN-2071-1
• https://ubuntu.com/security/notices/USN-2072-1
• https://ubuntu.com/security/notices/USN-2073-1
• https://ubuntu.com/security/notices/USN-2074-1
• https://ubuntu.com/security/notices/USN-2075-1
• https://ubuntu.com/security/notices/USN-2076-1
• NVD
• Launchpad
• Debian

Bugs

• https://launchpad.net/bugs/1252419