6.9 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:M/Au:N/C:C/I:C/A:C
0.001 Low
EPSS
Percentile
41.0%
Multiple array index errors in
drivers/media/video/msm/server/msm_cam_server.c in the MSM camera driver
for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC)
Android contributions for MSM devices and other products, allow attackers
to gain privileges by leveraging camera device-node access, related to the
(1) msm_ctrl_cmd_done, (2) msm_ioctl_server, and (3) msm_server_send_ctrl
functions.
Author | Note |
---|---|
apw | break is msm driver introducing commit which is the same on 3.4 kernels |
launchpad.net/bugs/cve/CVE-2013-6123
nvd.nist.gov/vuln/detail/CVE-2013-6123
security-tracker.debian.org/tracker/CVE-2013-6123
www.codeaurora.org/cgit/quic/la//kernel/msm/commit/?id=60e4af06161d91d5aeaa04c7d6e9f4345a6acdd4
www.codeaurora.org/cgit/quic/la//kernel/msm/commit/?id=7beb04ea945a7178e61d935918d3cb152996b558
www.codeaurora.org/projects/security-advisories/out-bounds-array-access-camera-driver-cve-2013-6123
www.cve.org/CVERecord?id=CVE-2013-6123