High severity7.0NVD Advisory· Published Nov 20, 2013· Updated Apr 29, 2026

CVE-2013-4588

Description

Multiple stack-based buffer overflows in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 2.6.33, when CONFIG_IP_VS is used, allow local users to gain privileges by leveraging the CAP_NET_ADMIN capability for (1) a getsockopt system call, related to the do_ip_vs_get_ctl function, or (2) a setsockopt system call, related to the do_ip_vs_set_ctl function.

Affected products

Linux/Kernel
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Range: <2.6.33
Canonical (company)/Ubuntu Linux
cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*

Patches

04bcef2a83f4

https://github.com/torvalds/linuxvia nvd-ref

commit

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

www.openwall.com/lists/oss-security/2013/11/15/12nvdMailing ListPatchThird Party Advisory
bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatchThird Party Advisory
github.com/torvalds/linux/commit/04bcef2a83f40c6db24222b27a52892cba39dffbnvdPatchThird Party Advisory
www.securityfocus.com/bid/63744nvdThird Party AdvisoryVDB Entry
www.ubuntu.com/usn/USN-2064-1nvdThird Party Advisory
www.ubuntu.com/usn/USN-2065-1nvdThird Party Advisory
ftp.linux.org.uk/pub/linux/linux-2.6/ChangeLog-2.6.33nvdBroken Link

News mentions

No linked articles in our index yet.

cvss	0.455
epss	0.000
exploit	0.000
kev	0.000
patch	-0.070
ransomware	0.000