7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
42.1%
The mdp_lut_hw_update function in drivers/video/msm/mdp.c in the MDP
display driver for the Linux kernel 3.x, as used in Qualcomm Innovation
Center (QuIC) Android contributions for MSM devices and other products,
does not validate certain start and length values within an ioctl call,
which allows attackers to gain privileges via a crafted application.
Author | Note |
---|---|
jdstrand | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.04 preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support |