Lucene search

K

Ubuntu.comUB:CVE-2013-6123

HistoryJan 14, 2014 - 12:00 a.m.

CVE-2013-6123

2014-01-1400:00:00

ubuntu.com

ubuntu.com

5

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

41.1%

Multiple array index errors in
drivers/media/video/msm/server/msm_cam_server.c in the MSM camera driver
for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC)
Android contributions for MSM devices and other products, allow attackers
to gain privileges by leveraging camera device-node access, related to the
(1) msm_ctrl_cmd_done, (2) msm_ioctl_server, and (3) msm_server_send_ctrl
functions.

Bugs

<https://launchpad.net/bugs/1270104>

Notes

Author	Note
apw	break is msm driver introducing commit which is the same on 3.4 kernels

References

launchpad.net/bugs/cve/CVE-2013-6123

nvd.nist.gov/vuln/detail/CVE-2013-6123

security-tracker.debian.org/tracker/CVE-2013-6123

www.codeaurora.org/cgit/quic/la//kernel/msm/commit/?id=60e4af06161d91d5aeaa04c7d6e9f4345a6acdd4

www.codeaurora.org/cgit/quic/la//kernel/msm/commit/?id=7beb04ea945a7178e61d935918d3cb152996b558

www.codeaurora.org/projects/security-advisories/out-bounds-array-access-camera-driver-cve-2013-6123

www.cve.org/CVERecord?id=CVE-2013-6123

6.9 Medium

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

41.1%

Related for UB:CVE-2013-6123

prion1 nvd1 cve1 cvelist1 android1