4 Linux Kernel CVEs in May 2013
Full month · Source: NIST NVD
In May 2013, 4 Linux kernel CVEs were published, sourced from the NIST National Vulnerability Database. Of these, 2 were rated High severity and 1 Medium. CVE-2013-2094 was confirmed as actively exploited in the wild and added to the CISA Known Exploited Vulnerabilities catalog. May's 4 CVEs represent 2% of all 2013 Linux kernel CVEs , down from April's 26 (a 85% month-over-month decrease) .
Actively Exploited CVEs — May 2013
1 CVE in CISA KEVCVE-2013-2094 is the only Linux kernel CVE from May 2013 confirmed as actively exploited in the wild. It carries a CVSS score of 8.4 (High severity) and is listed in the CISA Known Exploited Vulnerabilities catalog.
| CVE ID | Severity | CVSS | Published | Description | |
|---|---|---|---|---|---|
| CVE-2013-2094 | High KEV | 8.4 | 2013-05-14 | The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an inc… |
| CVE ID | Package | Severity | CVSS | Published | Description | |
|---|---|---|---|---|---|---|
| CVE-2013-2094 | linux | High KEV | 8.4 | 2013-05-14 | The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data … | |
| CVE-2013-2017 | linux | High | 7.8 | 2013-05-03 | The veth (aka virtual Ethernet) driver in the Linux kernel before 2.6.34 does not properly manage skbs during congestio… | |
| CVE-2013-1979 | linux | Medium | 6.9 | 2013-05-03 | The scm_set_cred function in include/net/scm.h in the Linux kernel before 3.8.11 uses incorrect uid and gid values duri… | |
| CVE-2013-1959 | linux | Low | 3.7 | 2013-05-03 | kernel/user_namespace.c in the Linux kernel before 3.8.9 does not have appropriate capability requirements for the uid_… |