Lucene search

K

[email protected]NVD:CVE-2012-4221

HistoryNov 30, 2012 - 12:54 p.m.

CVE-2012-4221

2012-11-3012:54:16

CWE-189

[email protected]

web.nvd.nist.gov

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

41.3%

Integer overflow in diagchar_core.c in the Qualcomm Innovation Center (QuIC) Diagnostics (aka DIAG) kernel-mode driver for Android 2.3 through 4.2 allows attackers to execute arbitrary code or cause a denial of service via an application that uses crafted arguments in a local diagchar_ioctl call.

Affected configurations

NVD

Node

googleandroidMatch2.3

OR

googleandroidMatch2.3rev1

OR

googleandroidMatch2.3.1

OR

googleandroidMatch2.3.2

OR

googleandroidMatch2.3.3

OR

googleandroidMatch2.3.4

OR

googleandroidMatch2.3.5

OR

googleandroidMatch2.3.6

OR

googleandroidMatch2.3.7

OR

googleandroidMatch3.0

OR

googleandroidMatch3.1

OR

googleandroidMatch3.2

OR

googleandroidMatch3.2.1

OR

googleandroidMatch3.2.2

OR

googleandroidMatch3.2.4

OR

googleandroidMatch3.2.6

OR

googleandroidMatch4.0

OR

googleandroidMatch4.0.1

OR

googleandroidMatch4.0.2

OR

googleandroidMatch4.0.3

OR

googleandroidMatch4.0.4

OR

googleandroidMatch4.1

OR

googleandroidMatch4.2

References

www.kb.cert.org/vuls/id/702452

www.codeaurora.org/projects/security-advisories/multiple-issues-diagkgsl-system-call-handling-cve-2012-4220-cve-2012

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

7.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

41.3%

Related for NVD:CVE-2012-4221

redhatcve1 cvelist1 ubuntucve1 prion1 cve1 debiancve1 threatpost1 android1 cert1