Ubuntu.comUB:CVE-2013-2595CVE-2013-2595
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
11.8%
The device-initialization functionality in the MSM camera driver for the
Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC)
Android contributions for MSM devices and other products, enables
MSM_CAM_IOCTL_SET_MEM_MAP_INFO ioctl calls for an unrestricted mmap
interface, which allows attackers to gain privileges via a crafted
application.
Bugs
Notes
| Author | Note |
|---|---|
| mdeslaur | Need to check if any of our phone kernels contain this driver |
| jdstrand | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.04 preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support |
Related
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0004 Low
EPSS
Percentile
11.8%