26 Linux Kernel CVEs in April 2013
Full month · Source: NIST NVD
In April 2013, 26 Linux kernel CVEs were published, sourced from the NIST National Vulnerability Database. Of these, 3 were rated High severity and 21 Medium. CVE-2013-2596 was confirmed as actively exploited in the wild and added to the CISA Known Exploited Vulnerabilities catalog. April's 26 CVEs represent 13% of all 2013 Linux kernel CVEs, down from March's 40 (a 35% month-over-month decrease).
Actively Exploited CVEs — April 2013
1 CVE in CISA KEV

CVE-2013-2596 is the only Linux kernel CVE from April 2013 confirmed as actively exploited in the wild. It carries a CVSS score of 7.8 (High severity) and is listed in the CISA Known Exploited Vulnerabilities catalog.

| CVE ID | Severity | CVSS | Published | Description |
|---|---|---|---|---|
| CVE-2013-2596 | High KEV | 7.8 | 2013-04-13 | Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9,… |

| CVE ID | Package | Severity | CVSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2013-2596 | linux | High KEV | 7.8 | 2013-04-13 | Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certai… |
| CVE-2013-3301 | linux | High | 7.2 | 2013-04-29 | The ftrace implementation in the Linux kernel before 3.8.8 allows local users to cause a denial of service (NULL pointe… |
| CVE-2013-1858 | linux | High | 7.2 | 2013-04-05 | The clone system-call implementation in the Linux kernel before 3.8.3 does not properly handle a combination of the CLO… |
| CVE-2013-3224 | linux | Medium | 4.9 | 2013-04-22 | The bt_sock_recvmsg function in net/bluetooth/af_bluetooth.c in the Linux kernel before 3.9-rc7 does not properly initi… |
| CVE-2013-3226 | linux | Medium | 4.9 | 2013-04-22 | The sco_sock_recvmsg function in net/bluetooth/sco.c in the Linux kernel before 3.9-rc7 does not initialize a certain l… |
| CVE-2013-3227 | linux | Medium | 4.9 | 2013-04-22 | The caif_seqpkt_recvmsg function in net/caif/caif_socket.c in the Linux kernel before 3.9-rc7 does not initialize a cer… |
| CVE-2013-3228 | linux | Medium | 4.9 | 2013-04-22 | The irda_recvmsg_dgram function in net/irda/af_irda.c in the Linux kernel before 3.9-rc7 does not initialize a certain … |
| CVE-2013-3229 | linux | Medium | 4.9 | 2013-04-22 | The iucv_sock_recvmsg function in net/iucv/af_iucv.c in the Linux kernel before 3.9-rc7 does not initialize a certain l… |
| CVE-2013-3230 | linux | Medium | 4.9 | 2013-04-22 | The l2tp_ip6_recvmsg function in net/l2tp/l2tp_ip6.c in the Linux kernel before 3.9-rc7 does not initialize a certain s… |
| CVE-2013-3232 | linux | Medium | 4.9 | 2013-04-22 | The nr_recvmsg function in net/netrom/af_netrom.c in the Linux kernel before 3.9-rc7 does not initialize a certain data… |
| CVE-2013-3233 | linux | Medium | 4.9 | 2013-04-22 | The llcp_sock_recvmsg function in net/nfc/llcp/sock.c in the Linux kernel before 3.9-rc7 does not initialize a certain … |
| CVE-2013-3234 | linux | Medium | 4.9 | 2013-04-22 | The rose_recvmsg function in net/rose/af_rose.c in the Linux kernel before 3.9-rc7 does not initialize a certain data s… |
| CVE-2013-3235 | linux | Medium | 4.9 | 2013-04-22 | net/tipc/socket.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure and a certain length … |
| CVE-2013-3236 | linux | Medium | 4.9 | 2013-04-22 | The vmci_transport_dgram_dequeue function in net/vmw_vsock/vmci_transport.c in the Linux kernel before 3.9-rc7 does not… |
| CVE-2013-3223 | linux | Medium | 4.9 | 2013-04-22 | The ax25_recvmsg function in net/ax25/af_ax25.c in the Linux kernel before 3.9-rc7 does not initialize a certain data s… |