26 Linux Kernel CVEs in November 2013
Full month · Source: NIST NVD
In November 2013, 26 Linux kernel CVEs were published, sourced from the NIST National Vulnerability Database. Of these, 4 were rated High severity and 22 Medium. CVE-2013-6282 was confirmed as actively exploited in the wild and added to the CISA Known Exploited Vulnerabilities catalog. November's 26 CVEs represent 13% of all 2013 Linux kernel CVEs , up from October's 3 (a 767% month-over-month increase) .
Actively Exploited CVEs — November 2013
1 CVE in CISA KEVCVE-2013-6282 is the only Linux kernel CVE from November 2013 confirmed as actively exploited in the wild. It carries a CVSS score of 8.8 (High severity) and is listed in the CISA Known Exploited Vulnerabilities catalog.
| CVE ID | Severity | CVSS | Published | Description | |
|---|---|---|---|---|---|
| CVE-2013-6282 | High KEV | 8.8 | 2013-11-20 | The (1) get_user and (2) put_user API functions in the Linux kernel before 3.5.5 on the v6k and v7 … |
| CVE ID | Package | Severity | CVSS | Published | Description | |
|---|---|---|---|---|---|---|
| CVE-2013-6282 | linux | High KEV | 8.8 | 2013-11-20 | The (1) get_user and (2) put_user API functions in the Linux kernel before 3.5.5 on the v6k and v7 ARM platforms do not… | |
| CVE-2013-4563 | linux | High | 7.1 | 2013-11-20 | The udp6_ufo_fragment function in net/ipv6/udp_offload.c in the Linux kernel through 3.12, when UDP Fragmentation Offlo… | |
| CVE-2013-4348 | linux | High | 7.1 | 2013-11-04 | The skb_flow_dissect function in net/core/flow_dissector.c in the Linux kernel through 3.12 allows remote attackers to … | |
| CVE-2013-4588 | linux | High | 7.0 | 2013-11-20 | Multiple stack-based buffer overflows in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 2.6.33, when CONFIG_… | |
| CVE-2013-6381 | linux | Medium | 6.9 | 2013-11-27 | Buffer overflow in the qeth_snmp_command function in drivers/s390/net/qeth_core_main.c in the Linux kernel through 3.12… | |
| CVE-2013-6383 | linux | Medium | 6.9 | 2013-11-27 | The aac_compat_ioctl function in drivers/scsi/aacraid/linit.c in the Linux kernel before 3.11.8 does not require the CA… | |
| CVE-2013-6122 | linux | Medium | 6.9 | 2013-11-12 | goodix_tool.c in the Goodix gt915 touchscreen driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (Q… | |
| CVE-2013-4511 | linux | Medium | 6.9 | 2013-11-12 | Multiple integer overflows in Alchemy LCD frame-buffer drivers in the Linux kernel before 3.12 allow local users to cre… | |
| CVE-2013-4740 | linux | Medium | 6.9 | 2013-11-12 | goodix_tool.c in the Goodix gt915 touchscreen driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (Q… | |
| CVE-2013-6763 | linux | Medium | 6.9 | 2013-11-12 | The uio_mmap_physical function in drivers/uio/uio.c in the Linux kernel before 3.12 does not validate the size of a mem… | |
| CVE-2013-4470 | linux | Medium | 6.9 | 2013-11-04 | The Linux kernel before 3.12, when UDP Fragmentation Offload (UFO) is enabled, does not properly initialize certain dat… | |
| CVE-2013-4591 | linux | Medium | 6.2 | 2013-11-20 | Buffer overflow in the __nfs4_get_acl_uncached function in fs/nfs/nfs4proc.c in the Linux kernel before 3.7.2 allows lo… | |
| CVE-2013-6392 | linux | Medium | 4.9 | 2013-11-30 | The genlock_dev_ioctl function in genlock.c in the Genlock driver for the Linux kernel 3.x, as used in Qualcomm Innovat… | |
| CVE-2013-4515 | linux | Medium | 4.9 | 2013-11-12 | The bcm_char_ioctl function in drivers/staging/bcm/Bcmchar.c in the Linux kernel before 3.12 does not initialize a cert… | |
| CVE-2013-4513 | linux | Medium | 4.9 | 2013-11-12 | Buffer overflow in the oz_cdev_write function in drivers/staging/ozwpan/ozcdev.c in the Linux kernel before 3.12 allows… |