CVE-2013-6123

Multiple array index errors in drivers/media/video/msm/server/msm_cam_server.c in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to gain privileges by leveraging camera device-node access, related to the (1) msm_ctrl_cmd_done, (2) msm_ioctl_server, and (3) msm_server_send_ctrl functions.

CVSS v2.0 6.9 MEDIUM

6.9^/10

CVSS v2.0 : MEDIUM

Vector : AV:L/AC:M/Au:N/C:C/I:C/A:C

Exploitability : 3.4 / Impact : 10.0

Access Vector LOCAL

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/90505
https://www.codeaurora.org/cgit/quic/la//kernel/msm/commit/?id=60e4af06161d91d5aeaa04c7d6e9f4345a6acdd4	Exploit Patch
https://www.codeaurora.org/cgit/quic/la//kernel/msm/commit/?id=7beb04ea945a7178e61d935918d3cb152996b558	Patch
https://www.codeaurora.org/projects/security-advisories/out-bounds-array-access-camera-driver-cve-2013-6123	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:codeaurora:android-msm:2.6.29:::::::*
	cpe:2.3:o:qualcomm:quic_mobile_station_modem_kernel:3.10:::::::*

History

No history.

Information

Published : 2014-01-14 04:29

Updated : 2024-02-04 18:16

NVD link : CVE-2013-6123

Mitre link : CVE-2013-6123

CVE.ORG link : CVE-2013-6123

JSON object : View

Products Affected

qualcomm

quic_mobile_station_modem_kernel

codeaurora

android-msm

CWE

CWE-20

Improper Input Validation

{"id": "CVE-2013-6123", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.9, "accessVector": "LOCAL", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.4, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2014-01-14T04:29:56.923", "references": [{"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/90505", "source": "cve@mitre.org"}, {"url": "https://www.codeaurora.org/cgit/quic/la//kernel/msm/commit/?id=60e4af06161d91d5aeaa04c7d6e9f4345a6acdd4", "tags": ["Exploit", "Patch"], "source": "cve@mitre.org"}, {"url": "https://www.codeaurora.org/cgit/quic/la//kernel/msm/commit/?id=7beb04ea945a7178e61d935918d3cb152996b558", "tags": ["Patch"], "source": "cve@mitre.org"}, {"url": "https://www.codeaurora.org/projects/security-advisories/out-bounds-array-access-camera-driver-cve-2013-6123", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-20"}]}], "descriptions": [{"lang": "en", "value": "Multiple array index errors in drivers/media/video/msm/server/msm_cam_server.c in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to gain privileges by leveraging camera device-node access, related to the (1) msm_ctrl_cmd_done, (2) msm_ioctl_server, and (3) msm_server_send_ctrl functions."}, {"lang": "es", "value": "M\u00faltiples errores de indexaci\u00f3n de array en drivers/media/video/msm/server/msm_cam_server.c del driver de la c\u00e1mara MSM para el kernel de Linux 3.x, tal y como se usa en Qualcomm Innovation Center (QuIC) de contribuciones Android para dispositivos MSM y otros productos, permite a atacantes obtener privilegios mediante el aprovechamiento de acceso a la c\u00e1mara device-node, relacionado con las funciones (1) msm_ctrl_cmd_done, (2) msm_ioctl_server, y (3) msm_server_send_ctrl."}], "lastModified": "2017-08-29T01:33:54.920", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:codeaurora:android-msm:2.6.29:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "46D87AD6-5AF4-418F-ACDB-A93CE4998958"}, {"criteria": "cpe:2.3:o:qualcomm:quic_mobile_station_modem_kernel:3.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9B99C28E-E8DC-4987-BCDF-F6E18EFF59D8"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}