Ubuntu.comUB:CVE-2014-4322CVE-2014-4322
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0005 Low
EPSS
Percentile
16.0%
drivers/misc/qseecom.c in the QSEECOM driver for the Linux kernel 3.x, as
used in Qualcomm Innovation Center (QuIC) Android contributions for MSM
devices and other products, does not validate certain offset, length, and
base values within an ioctl call, which allows attackers to gain privileges
or cause a denial of service (memory corruption) via a crafted application.
Bugs
Notes
| Author | Note |
|---|---|
| jdstrand | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.04 preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support |
Related
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.0005 Low
EPSS
Percentile
16.0%