CVE

Id
66070  
CVE No.
CVE-2013-6123  
Status
Candidate  
Description
Multiple array index errors in drivers/media/video/msm/server/msm_cam_server.c in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to gain privileges by leveraging camera device-node access, related to the (1) msm_ctrl_cmd_done, (2) msm_ioctl_server, and (3) msm_server_send_ctrl functions.  
Phase
Assigned (20131015)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
643676 66070 CVE-2013-6123 CONFIRM:https://www.codeaurora.org/cgit/quic/la//kernel/msm/commit/?id=60e4af06161d91d5aeaa04c7d6e9f4345a6acdd4  View
643677 66070 CVE-2013-6123 CONFIRM:https://www.codeaurora.org/cgit/quic/la//kernel/msm/commit/?id=7beb04ea945a7178e61d935918d3cb152996b558  View
643678 66070 CVE-2013-6123 CONFIRM:https://www.codeaurora.org/projects/security-advisories/out-bounds-array-access-camera-driver-cve-2013-6123  View
643679 66070 CVE-2013-6123 XF:code-aurora-cve20136123-priv-esc(90505)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
23327 JVNDB-2013-004902 WellinTech KingView の KChartXY.ocx における任意のファイルを生成される脆弱性 WellinTech KingView の KChartXY.ocx の KCHARTXYLib.KChartXY ActiveX コントロールは、SaveToFile メソッドの呼び出しを適切に制限しないため、任意のファイルを生成または上書きされ、その後、任意のプログラムを実行される脆弱性が存在します。 CVE-2013-6128 66070 5.8 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-004902.html  View