Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2013-1773: Improper Restriction of Operations within the Bounds of a Memory Buffer in Kernel

Severity: 6.2 MEDIUM (NVD)
EPSS: 0.3% (top 51.46%)
CISA KEV: Not in KEV
Exploit: PoC available (public exploit / PoC exists)
Timeline: Published Feb 28; latest update May 13

Description

Buffer overflow in the VFAT filesystem implementation in the Linux kernel before 3.3 allows local users to gain privileges or cause a denial of service (system crash) via a VFAT write operation on a filesystem with the utf8 mount option, which is not properly handled during UTF-8 to UTF-16 conversion.

CVSS vector

AV:L/AC:H/C:C/I:C/A:C
Exploitability: 1.9 | Impact: 10.0

Affected Packages (3 packages)

Debian: linux/linux_kernel < 3.2.15-1+3
NVD: linux/linux_kernel 3.3+88

Also affects: Enterprise Linux 6.0

🔴 Vulnerability Details (3)

GHSA: GHSA-wrp6-2w63-vpc4: Buffer overflow in the VFAT filesystem implementation in the Linux kernel before 3 (2022-05-13)
OSV: CVE-2013-1773: Buffer overflow in the VFAT filesystem implementation in the Linux kernel before 3 (2013-02-28)
CVEList: CVE-2013-1773: Buffer overflow in the VFAT filesystem implementation in the Linux kernel before 3 (2013-02-28)

💥 Exploits & PoCs (1)

Exploit-DB: Google Android Kernel 2.6 - Local Denial of Service Crash (PoC) (2012-12-09)

📋 Vendor Advisories (7)

Ubuntu: Linux kernel (EC2) vulnerabilities (2013-03-22)
Ubuntu: Linux kernel (OMAP4) vulnerabilities (2013-03-22)
Ubuntu: Linux kernel vulnerabilities (2013-03-22)
Ubuntu: Linux kernel (Oneiric backport) vulnerabilities (2013-03-12)
Ubuntu: Linux kernel vulnerabilities (2013-03-06)

💬 Community (1)

Bugzilla: CVE-2013-1773 kernel: VFAT slab-based buffer overflow (2013-02-27)