Qualcomm chown init scripts

2014-02-19T00:00:00
ID ANDROID:QUALCOMM_CHOWN_INIT_SCRIPTS
Type android
Reporter Jon Sawyer
Modified 2014-04-16T00:00:00

Description

Insecure owner/permission changes in init shell scripts (CVE-2013-6124): During the device start-up phase, several init shell scripts are executed with root privileges to configure various aspects of the system. During this process, standard toolchain commands such as chown or chmod are used to, e.g., change the owner of the sensor settings file to the system user. As these commands follow symbolic links (symlinks), an attacker with write access to these resources is able to conduct symlink attacks and thus change for example the owner of an arbitrary file to system. This flaw can be used to, e.g., elevate privileges.