Unrated severityNVD Advisory· Published Mar 22, 2013· Updated Jun 16, 2026

CVE-2013-2636

Description

net/bridge/br_mdb.c in the Linux kernel before 3.8.4 does not initialize certain structures, which allows local users to obtain sensitive information from kernel memory via a crafted application.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Linux/Kernel4 versions
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*range: <=3.8.3
- cpe:2.3:o:linux:linux_kernel:3.8.0:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:3.8.1:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:3.8.2:*:*:*:*:*:*:*
Linux/Linux kernelllm-fuzzy
Range: <3.8.4

Patches

Vulnerability mechanics

References

github.com/torvalds/linux/commit/c085c49920b2f900ba716b4ca1c1a55ece9872ccnvdPatch
git.kernel.orgnvd
www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.4nvd
www.openwall.com/lists/oss-security/2013/03/20/1nvd
bugzilla.redhat.com/show_bug.cginvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000