CVE-2013-1763

Linux Kernel < 3.4.34 - Local Privilege Escalation via Netlink Message Family Value

Title source: llm

Exploitation Summary

EIP tracks 5 public exploits for CVE-2013-1763. PoCs published by SynQ, Vitaly Nikolenko, Kacper Szczesniak.

AI-analyzed exploit summary: This exploit leverages CVE-2013-1763, a SOCK_DIAG vulnerability in Linux kernels 3.3-3.8, to achieve local privilege escalation by manipulating netlink structures and executing arbitrary kernel code. It resolves kernel symbols dynamically or uses hardcoded addresses for Ubuntu/Fedora to bypass authentication.

Description

Array index error in the __sock_diag_rcv_msg function in net/core/sock_diag.c in the Linux kernel before 3.7.10 allows local users to gain privileges via a large family value in a Netlink message.

Exploits (5)

exploitdb WORKING POC VERIFIED
by SynQ · c · local · linux
https://www.exploit-db.com/exploits/33336

This exploit leverages CVE-2013-1763, a SOCK_DIAG vulnerability in Linux kernels 3.3-3.8, to achieve local privilege escalation by manipulating netlink structures and executing arbitrary kernel code. It resolves kernel symbols dynamically or uses hardcoded addresses for Ubuntu/Fedora to bypass authentication.

Classification: Working PoC 95%
Attack Type: LPE
Complexity: Moderate
Reliability: Reliable
Target: Linux kernel 3.3-3.8 (Ubuntu/Fedora)
No auth needed
Prerequisites: Local access to the target system · Kernel version 3.3-3.8 · Compilation environment
devstral-2 · analyzed Feb 16, 2026

exploitdb WORKING POC
by Vitaly Nikolenko · c · local · linux_x86-64
https://www.exploit-db.com/exploits/44299

This exploit targets CVE-2013-1763, a Linux kernel vulnerability in the sock_diag module, to achieve local privilege escalation (LPE) by bypassing SMEP. It uses a crafted Netlink message to corrupt kernel memory and redirect execution to a user-controlled payload.

Classification: Working PoC 95%
Attack Type: LPE
Complexity: Complex
Reliability: Reliable
Target: Linux kernel 3.5.0-23-generic (Ubuntu)
No auth needed
Prerequisites: Local access to the target system · Compilation environment with GCC
devstral-2 · analyzed Feb 16, 2026

exploitdb WORKING POC
by Kacper Szczesniak · c · local · linux_x86-64
https://www.exploit-db.com/exploits/24746

This exploit leverages a kernel vulnerability (CVE-2013-1763) in the Linux netlink socket implementation to achieve local privilege escalation. It uses a crafted netlink message to trigger a kernel memory corruption, overwriting a function pointer to execute arbitrary code in kernel context.

Classification: Working PoC 95%
Attack Type: LPE
Complexity: Complex
Reliability: Reliable
Target: Linux kernel 3.5.x to 3.8.x
No auth needed
Prerequisites: Local access to the target system · Kernel version within vulnerable range
devstral-2 · analyzed Feb 16, 2026

exploitdb WORKING POC
by sd · c · local · linux_x86-64
https://www.exploit-db.com/exploits/24555

This exploit targets a Linux kernel vulnerability (CVE-2013-1763) to achieve local privilege escalation by manipulating kernel memory structures. It uses a socket operation to trigger the vulnerability and patches the current task structure to gain root privileges.

Classification: Working PoC 95%
Attack Type: LPE
Complexity: Complex
Reliability: Reliable
Target: Linux kernel 3.3-3.7 (x86_64)
No auth needed
Prerequisites: Local access to the target system · Vulnerable Linux kernel version
devstral-2 · analyzed Feb 16, 2026

nomisec WORKING POC
by qkrtjsrbs315 · poc
https://github.com/qkrtjsrbs315/CVE-2013-1763

This exploit targets CVE-2013-1763, a Linux kernel vulnerability in the netlink socket implementation. It leverages a memory corruption flaw to achieve local privilege escalation by overwriting kernel memory and executing arbitrary code in kernel context.

Classification: Working PoC 95%
Attack Type: LPE
Complexity: Complex
Reliability: Reliable
Target: Linux kernel (versions 3.0 to 3.8)
No auth needed
Prerequisites: Local access to the target system · Kernel version vulnerable to CVE-2013-1763
devstral-2 · analyzed Feb 16, 2026

References (14)

Core References
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=915052
Mailing List mailing-list x_refsource_mlist
http://openwall.com/lists/oss-security/2013/02/25/12
Broken Link vendor-advisory x_refsource_mandriva
http://www.mandriva.com/security/advisories?name=MDVSA-2013:176
Third Party Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1750-1
Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/33336
Mailing List mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2013/02/24/3
Third Party Advisory, VDB Entry vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00004.html
Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/24746
Third Party Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1749-1
Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/24555
Third Party Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1751-1

Scores

EPSS 0.1505
EPSS Percentile 94.8%

Details

CWE: CWE-20
Status: published
Products (1): linux/linux_kernel 3.3 - 3.4.34
Published: Feb 28, 2013
Tracked Since: Feb 18, 2026