CVE-2013-6123: Input Validation
First published: Tue Jan 14 2014(Updated: )
Multiple array index errors in drivers/media/video/msm/server/msm_cam_server.c in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to gain privileges by leveraging camera device-node access, related to the (1) msm_ctrl_cmd_done, (2) msm_ioctl_server, and (3) msm_server_send_ctrl functions.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Codeaurora Android-msm | =2.6.29 | |
| Qualcomm Quic Mobile Station Modem Kernel | =3.10 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://exchange.xforce.ibmcloud.com/vulnerabilities/90505
- https://www.codeaurora.org/cgit/quic/la//kernel/msm/commit/?id=60e4af06161d91d5aeaa04c7d6e9f4345a6acdd4
- https://www.codeaurora.org/cgit/quic/la//kernel/msm/commit/?id=7beb04ea945a7178e61d935918d3cb152996b558
- https://www.codeaurora.org/projects/security-advisories/out-bounds-array-access-camera-driver-cve-2013-6123
- collector/nvd-index
- agent/references
- agent/severity
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/remedy
- agent/weakness
- agent/author
- agent/event
- agent/tags
- agent/description
- agent/type
- collector/mitre-cve
- source/MITRE
- vendor/codeaurora
- canonical/codeaurora android-msm
- version/codeaurora android-msm/2.6.29
- vendor/qualcomm
- canonical/qualcomm quic mobile station modem kernel
- version/qualcomm quic mobile station modem kernel/3.10