CVE-2013-6123

Exploit

EPSS 0.04%
Veröffentlicht 14.01.2014 04:29:56
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Multiple array index errors in drivers/media/video/msm/server/msm_cam_server.c in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to gain privileges by leveraging camera device-node access, related to the (1) msm_ctrl_cmd_done, (2) msm_ioctl_server, and (3) msm_server_send_ctrl functions.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 7

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Codeaurora ≫ Android-msm Version2.6.29

Qualcomm ≫ Quic Mobile Station Modem Kernel Version3.10

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.103

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.9	3.4	10	AV:L/AC:M/Au:N/C:C/I:C/A:C

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

https://exchange.xforce.ibmcloud.com/vulnerabilities/90505

https://www.codeaurora.org/cgit/quic/la//kernel/msm/commit/?id=60e4af06161d91d5aeaa04c7d6e9f4345a6acdd4

Patch

Exploit

https://www.codeaurora.org/cgit/quic/la//kernel/msm/commit/?id=7beb04ea945a7178e61d935918d3cb152996b558

Patch

https://www.codeaurora.org/projects/security-advisories/out-bounds-array-access-camera-driver-cve-2013-6123

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2013-6123

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2013-6123

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2013-6123

EUVD