cbcvebase.
CVE-2013-4738
published 2014-02-03

CVE-2013-4738: Multiple stack-based buffer overflows in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for…

PriorityP430high7.2CVSS 2.0
AVLACLAuNCCICAC
EPSS
0.27%
18.4th percentile
Multiple stack-based buffer overflows in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to gain privileges via (1) a crafted VIDIOC_MSM_VPE_DEQUEUE_STREAM_BUFF_INFO ioctl call, related to drivers/media/platform/msm/camera_v2/pproc/vpe/msm_vpe.c, or (2) a crafted VIDIOC_MSM_CPP_DEQUEUE_STREAM_BUFF_INFO ioctl call, related to drivers/media/platform/msm/camera_v2/pproc/cpp/msm_cpp.c.

Affected

3 ranges
VendorProductVersion rangeFixed in
codeauroraandroid-msm
debianlinux
qualcommquic_mobile_station_modem_kernel

CVSS provenance

nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
osv7.2HIGH
vendor_debian7.2LOW
vendor_redhat7.2HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.