CVE-2013-4736

EPSS 0.53%
Veröffentlicht 10.02.2014 18:15:10
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Multiple integer overflows in the JPEG engine drivers in the MSM camera driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to cause a denial of service (system crash) via a large number of commands in an ioctl call, related to (1) camera_v1/gemini/msm_gemini_sync.c, (2) camera_v2/gemini/msm_gemini_sync.c, (3) camera_v2/jpeg_10/msm_jpeg_sync.c, (4) gemini/msm_gemini_sync.c, (5) jpeg_10/msm_jpeg_sync.c, and (6) mercury/msm_mercury_sync.c.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Codeaurora ≫ Android-msm Version3.2.54

Codeaurora ≫ Android-msm Version3.4.72

Codeaurora ≫ Android-msm Version3.4.73

Codeaurora ≫ Android-msm Version3.4.74

Codeaurora ≫ Android-msm Version3.4.75

Codeaurora ≫ Android-msm Version3.4.76

Codeaurora ≫ Android-msm Version3.4.77

Codeaurora ≫ Android-msm Version3.4.78

Codeaurora ≫ Android-msm Version3.4.79

Codeaurora ≫ Android-msm Version3.10.22

Codeaurora ≫ Android-msm Version3.10.23

Codeaurora ≫ Android-msm Version3.10.24

Codeaurora ≫ Android-msm Version3.10.25

Codeaurora ≫ Android-msm Version3.10.26

Codeaurora ≫ Android-msm Version3.10.27

Codeaurora ≫ Android-msm Version3.10.28

Codeaurora ≫ Android-msm Version3.10.29

Codeaurora ≫ Android-msm Version3.12.3

Codeaurora ≫ Android-msm Version3.12.4

Codeaurora ≫ Android-msm Version3.12.5

Codeaurora ≫ Android-msm Version3.12.6

Codeaurora ≫ Android-msm Version3.12.7

Codeaurora ≫ Android-msm Version3.12.8

Codeaurora ≫ Android-msm Version3.12.9

Codeaurora ≫ Android-msm Version3.12.10

Codeaurora ≫ Android-msm Version3.13

Codeaurora ≫ Android-msm Version3.13 Updaterc1

Codeaurora ≫ Android-msm Version3.13 Updaterc2

Codeaurora ≫ Android-msm Version3.13 Updaterc3

Codeaurora ≫ Android-msm Version3.13 Updaterc4

Codeaurora ≫ Android-msm Version3.13 Updaterc5

Codeaurora ≫ Android-msm Version3.13 Updaterc6

Codeaurora ≫ Android-msm Version3.13 Updaterc7

Codeaurora ≫ Android-msm Version3.13 Updaterc8

Codeaurora ≫ Android-msm Version3.13.1

Codeaurora ≫ Android-msm Version3.13.2

Codeaurora ≫ Android-msm Version3.14 Updaterc1

Codeaurora ≫ Android-msm Version3.14 Updaterc2

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.53%	0.66

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	10	6.9	AV:N/AC:L/Au:N/C:N/I:N/A:C

https://www.codeaurora.org/projects/security-advisories/integer-overflow-and-signedness-issue-camera-jpeg-engines-cve-2013-4736

Patch

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2013-4736

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2013-4736

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2013-4736

EUVD