CVE-2013-4738
published 2014-02-03CVE-2013-4738: Multiple stack-based buffer overflows in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for…
PriorityP430high7.2CVSS 2.0
AVLACLAuNCCICAC
EPSS
0.27%
18.4th percentile
Multiple stack-based buffer overflows in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to gain privileges via (1) a crafted VIDIOC_MSM_VPE_DEQUEUE_STREAM_BUFF_INFO ioctl call, related to drivers/media/platform/msm/camera_v2/pproc/vpe/msm_vpe.c, or (2) a crafted VIDIOC_MSM_CPP_DEQUEUE_STREAM_BUFF_INFO ioctl call, related to drivers/media/platform/msm/camera_v2/pproc/cpp/msm_cpp.c.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| codeaurora | android-msm | — | — |
| debian | linux | — | — |
| qualcomm | quic_mobile_station_modem_kernel | — | — |
CVSS provenance
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
osv7.2HIGH
vendor_debian7.2LOW
vendor_redhat7.2HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Debian
CVE-2013-4738: linux - Multiple stack-based buffer overflows in the MSM camera driver for the Linux ker...
vendor_debian·2013·CVSS 7.2
CVE-2013-4738 [HIGH] CVE-2013-4738: linux - Multiple stack-based buffer overflows in the MSM camera driver for the Linux ker...
Multiple stack-based buffer overflows in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to gain privileges via (1) a crafted VIDIOC_MSM_VPE_DEQUEUE_STREAM_BUFF_INFO ioctl call, related to drivers/media/platform/msm/camera_v2/pproc/vpe/msm_vpe.c, or (2) a crafted VIDIOC_MSM_CPP_DEQUEUE_STREAM_BUFF_INFO ioctl call, related to drivers/media/platform/msm/camera_v2/pproc/cpp/msm_cpp.c.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
Red Hat
CVE-2013-4738: Multiple stack-based buffer overflows in the MSM camera driver for the Linux kernel 3
vendor_redhat·CVSS 7.2
CVE-2013-4738 [HIGH] CVE-2013-4738: Multiple stack-based buffer overflows in the MSM camera driver for the Linux kernel 3
Multiple stack-based buffer overflows in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to gain privileges via (1) a crafted VIDIOC_MSM_VPE_DEQUEUE_STREAM_BUFF_INFO ioctl call, related to drivers/media/platform/msm/camera_v2/pproc/vpe/msm_vpe.c, or (2) a crafted VIDIOC_MSM_CPP_DEQUEUE_STREAM_BUFF_INFO ioctl call, related to drivers/media/platform/msm/camera_v2/pproc/cpp/msm_cpp.c.
Statement: Not vulnerable. This issue does not affect the versions of the kernel package as shipped with Red Hat Enterprise Linux 5, 6 and Red Hat Enterprise MRG 2.
GHSA
GHSA-9g7g-r2vq-gqph: Multiple stack-based buffer overflows in the MSM camera driver for the Linux kernel 3
ghsa_unreviewed·2022-05-17
CVE-2013-4738 [HIGH] CWE-119 GHSA-9g7g-r2vq-gqph: Multiple stack-based buffer overflows in the MSM camera driver for the Linux kernel 3
Multiple stack-based buffer overflows in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to gain privileges via (1) a crafted VIDIOC_MSM_VPE_DEQUEUE_STREAM_BUFF_INFO ioctl call, related to drivers/media/platform/msm/camera_v2/pproc/vpe/msm_vpe.c, or (2) a crafted VIDIOC_MSM_CPP_DEQUEUE_STREAM_BUFF_INFO ioctl call, related to drivers/media/platform/msm/camera_v2/pproc/cpp/msm_cpp.c.
OSV
CVE-2013-4738: Multiple stack-based buffer overflows in the MSM camera driver for the Linux kernel 3
osv·2014-02-03·CVSS 7.2
CVE-2013-4738 [HIGH] CVE-2013-4738: Multiple stack-based buffer overflows in the MSM camera driver for the Linux kernel 3
Multiple stack-based buffer overflows in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to gain privileges via (1) a crafted VIDIOC_MSM_VPE_DEQUEUE_STREAM_BUFF_INFO ioctl call, related to drivers/media/platform/msm/camera_v2/pproc/vpe/msm_vpe.c, or (2) a crafted VIDIOC_MSM_CPP_DEQUEUE_STREAM_BUFF_INFO ioctl call, related to drivers/media/platform/msm/camera_v2/pproc/cpp/msm_cpp.c.
No detection rules found.
No public exploits indexed.
http://www.openwall.com/lists/oss-security/2013/10/15/4https://www.codeaurora.org/projects/security-advisories/stack-based-buffer-overflow-and-memory-disclosure-camera-driver-cve-2013-4748-cve-2013-4739http://www.openwall.com/lists/oss-security/2013/10/15/4https://www.codeaurora.org/projects/security-advisories/stack-based-buffer-overflow-and-memory-disclosure-camera-driver-cve-2013-4748-cve-2013-4739
2014-02-03
Published