Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
androidUnknown, used in vroot exploitANDROID:QUALCOMM_MISSING_CHECKS_PUT_USER_GET_USER
HistorySep 06, 2013 - 12:00 a.m.

Qualcomm missing checks put_user get_user

2013-09-0600:00:00
Unknown, used in vroot exploit
www.androidvulnerabilities.org
38

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

JSON

Missing access checks in put_user/get_user kernel API (CVE-2013-6282 QCIR-2013-00010-1): The get_user and put_user API functions of the Linux kernel fail to validate the target address when being used on ARM v6k/v7 platforms. This functionality was originally implemented and controlled by the domain switching feature (CONFIG_CPU_USE_DOMAINS), which has been deprecated due to architectural changes. As a result, any kernel code using these API functions may introduce a security issue where none existed before. This allows an application to read and write kernel memory to, e.g., escalated privileges.

Related

debiancve 1
seebug 1
zdt 1
prion 1
packetstorm 1
metasploit 1
cve 1
attackerkb 1
exploitpack 1
cisa_kev 1
redhatcve 1
ubuntucve 1
exploitdb 2
thn 3
securelist 1
openvas 4
ubuntu 1
nessus 2
debiancve
debiancve
CVE-2013-6282
2013-11-20 13:19:00
seebug
seebug
Linux ARM - Local Root Exploit
2014-07-01 00:00:00
zdt
zdt
Android get_user/put_user Exploit
2016-12-26 00:00:00
prion
prion
Memory corruption
2013-11-20 13:19:00
packetstorm
packetstorm
Android get_user/put_user Exploit
2016-12-26 00:00:00
metasploit
metasploit
Android get_user/put_user Exploit
2016-12-13 09:02:23
cve
cve
CVE-2013-6282
2013-11-20 13:19:00
attackerkb
attackerkb
CVE-2013-6282
2013-11-20 00:00:00
exploitpack
exploitpack
Linux Kernel 3.4.5 (Android 4.2.24.4 ARM) - Local Privilege Escalation
2014-02-11 00:00:00
cisa_kev
cisa_kev
Linux Kernel Improper Input Validation Vulnerability
2022-09-15 00:00:00
redhatcve
redhatcve
CVE-2013-6282
2015-10-30 10:07:20
ubuntucve
ubuntucve
CVE-2013-6282
2013-11-20 00:00:00
exploitdb
exploitdb
Google Android - get_user/put_user (Metasploit)
2016-12-29 00:00:00
Linux Kernel < 3.4.5 (Android 4.2.2/4.4 ARM) - Local Privilege Escalation
2014-02-11 00:00:00
thn
thn
Over 1 Million Google Accounts Hacked by 'Gooligan' Android Malware
2016-11-30 05:44:00
CopyCat Android Rooting Malware Infected 14 Million Devices
2017-07-06 05:17:00
Google Detects Android Spyware That Spies On WhatsApp, Skype Calls
2017-11-27 22:29:00
securelist
securelist
Skygofree: Following in the footsteps of HackingTeam
2018-01-16 10:00:58
openvas
openvas
Ubuntu Update for linux-ti-omap4 USN-2067-1
2014-01-06 00:00:00
Ubuntu: Security Advisory (USN-2067-1)
2014-01-06 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1635)
2020-01-23 00:00:00
ubuntu
ubuntu
Linux kernel (OMAP4) vulnerabilities
2014-01-03 00:00:00
nessus
nessus
EulerOS Virtualization for ARM 64 3.0.2.0 : kernel (EulerOS-SA-2019-1635)
2019-05-30 00:00:00
EulerOS 2.0 SP8 : kernel (EulerOS-SA-2020-1186)
2020-03-11 00:00:00

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

JSON
Related for ANDROID:QUALCOMM_MISSING_CHECKS_PUT_USER_GET_USER
debiancve1seebug1zdt1prion1packetstorm1metasploit1cve1attackerkb1exploitpack1cisa_kev1redhatcve1ubuntucve1exploitdb2thn3securelist1openvas4ubuntu1nessus2