CVE-2013-4738 - OpenCVE

Multiple stack-based buffer overflows in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to gain privileges via (1) a crafted VIDIOC_MSM_VPE_DEQUEUE_STREAM_BUFF_INFO ioctl call, related to drivers/media/platform/msm/camera_v2/pproc/vpe/msm_vpe.c, or (2) a crafted VIDIOC_MSM_CPP_DEQUEUE_STREAM_BUFF_INFO ioctl call, related to drivers/media/platform/msm/camera_v2/pproc/cpp/msm_cpp.c.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Codeaurora	Android-msm
Qualcomm	Quic Mobile Station Modem Kernel

Configuration 1 [-]

OR	cpe:2.3:o:codeaurora:android-msm:2.6.29:::::::*
	cpe:2.3:o:qualcomm:quic_mobile_station_modem_kernel:3.4:::::::*

No data.

References

Link	Providers
http://www.openwall.com/lists/oss-security/2013/10/15/4
https://www.codeaurora.org/projects/security-advisories/stack-based-buffer-overflow-and-memory-disclosure-camera-driver-cve-2013-4748-cve-2013-4739

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2014-02-03T02:00:00

Updated: 2024-08-06T16:52:27.040Z

Reserved: 2013-07-01T00:00:00

Link: CVE-2013-4738

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2014-02-03T03:55:03.690

Modified: 2014-02-21T18:18:57.280

Link: CVE-2013-4738

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-10-15T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple stack-based buffer overflows in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to gain privileges via (1) a crafted VIDIOC_MSM_VPE_DEQUEUE_STREAM_BUFF_INFO ioctl call, related to drivers/media/platform/msm/camera_v2/pproc/vpe/msm_vpe.c, or (2) a crafted VIDIOC_MSM_CPP_DEQUEUE_STREAM_BUFF_INFO ioctl call, related to drivers/media/platform/msm/camera_v2/pproc/cpp/msm_cpp.c."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2014-02-06T02:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.codeaurora.org/projects/security-advisories/stack-based-buffer-overflow-and-memory-disclosure-camera-driver-cve-2013-4748-cve-2013-4739"}, {"name": "[oss-security] 20131015 Report - Stack-based buffer overflow and memory disclosure in camera driver (CVE-2013-4748 CVE-2013-4739)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2013/10/15/4"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2013-4738", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple stack-based buffer overflows in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to gain privileges via (1) a crafted VIDIOC_MSM_VPE_DEQUEUE_STREAM_BUFF_INFO ioctl call, related to drivers/media/platform/msm/camera_v2/pproc/vpe/msm_vpe.c, or (2) a crafted VIDIOC_MSM_CPP_DEQUEUE_STREAM_BUFF_INFO ioctl call, related to drivers/media/platform/msm/camera_v2/pproc/cpp/msm_cpp.c."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.codeaurora.org/projects/security-advisories/stack-based-buffer-overflow-and-memory-disclosure-camera-driver-cve-2013-4748-cve-2013-4739", "refsource": "CONFIRM", "url": "https://www.codeaurora.org/projects/security-advisories/stack-based-buffer-overflow-and-memory-disclosure-camera-driver-cve-2013-4748-cve-2013-4739"}, {"name": "[oss-security] 20131015 Report - Stack-based buffer overflow and memory disclosure in camera driver (CVE-2013-4748 CVE-2013-4739)", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2013/10/15/4"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T16:52:27.040Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.codeaurora.org/projects/security-advisories/stack-based-buffer-overflow-and-memory-disclosure-camera-driver-cve-2013-4748-cve-2013-4739"}, {"name": "[oss-security] 20131015 Report - Stack-based buffer overflow and memory disclosure in camera driver (CVE-2013-4748 CVE-2013-4739)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2013/10/15/4"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2013-4738", "datePublished": "2014-02-03T02:00:00", "dateReserved": "2013-07-01T00:00:00", "dateUpdated": "2024-08-06T16:52:27.040Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:codeaurora:android-msm:2.6.29:*:*:*:*:*:*:*", "matchCriteriaId": "46D87AD6-5AF4-418F-ACDB-A93CE4998958", "vulnerable": true}, {"criteria": "cpe:2.3:o:qualcomm:quic_mobile_station_modem_kernel:3.4:*:*:*:*:*:*:*", "matchCriteriaId": "BC462F6B-50B4-4EDD-921C-36CEB05D14AC", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple stack-based buffer overflows in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to gain privileges via (1) a crafted VIDIOC_MSM_VPE_DEQUEUE_STREAM_BUFF_INFO ioctl call, related to drivers/media/platform/msm/camera_v2/pproc/vpe/msm_vpe.c, or (2) a crafted VIDIOC_MSM_CPP_DEQUEUE_STREAM_BUFF_INFO ioctl call, related to drivers/media/platform/msm/camera_v2/pproc/cpp/msm_cpp.c."}, {"lang": "es", "value": "M\u00faltiples desbordamientos de buffer basados en pila en el driver de la c\u00e1mara MSM para el kernel de Linux 3.x, tal y como se usa en Qualcomm Innovation Center (QuIC) de contribuciones Android para dispositivos MSM y otros productos, permite a atacantes obtener privilegios mediante (1) una llamada ioctl VIDIOC_MSM_VPE_DEQUEUE_STREAM_BUFF_INFO manipulada, relacionada con /drivers/media/platform/msm/camera_v2/pproc/vpe/msm_vpe.c o (2) una llamada ioctl VIDIOC_MSM_CPP_DEQUEUE_STREAM_BUFF_INFO manipulada, relacionada con drivers/media/platform/msm/camera_v2/pproc/cpp/msm_cpp.c."}], "id": "CVE-2013-4738", "lastModified": "2014-02-21T18:18:57.280", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-02-03T03:55:03.690", "references": [{"source": "cve@mitre.org", "url": "http://www.openwall.com/lists/oss-security/2013/10/15/4"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://www.codeaurora.org/projects/security-advisories/stack-based-buffer-overflow-and-memory-disclosure-camera-driver-cve-2013-4748-cve-2013-4739"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}