CVE-2013-6122
Summary
| CVE | CVE-2013-6122 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2013-11-12 14:35:00 UTC |
| Updated | 2013-11-13 19:53:00 UTC |
| Description | goodix_tool.c in the Goodix gt915 touchscreen driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly synchronize updates to a global variable, which allows local users to bypass intended access restrictions or cause a denial of service (memory corruption) via crafted arguments to the procfs write handler. |
Risk And Classification
Problem Types: CWE-20
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Qualcomm | Quic Mobile Station Modem Kernel | 3.10 | All | All | All |
| Operating System | Qualcomm | Quic Mobile Station Modem Kernel | 3.10 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Multiple memory corruption issues and race condition in Goodix gt915 touchscreen driver procfs handler (CVE-2013-4740 CVE-2013-6122) | Code Aurora Forum | CONFIRM | www.codeaurora.org | Patch |
| kernel/msm-3.10 - Unnamed repository | CONFIRM | www.codeaurora.org | Exploit, Patch |
| oss-security - Advisory report - Multiple memory corruption and race condition in Goodix gt915 Android touchscreen driver (CVE-2013-4740 & CVE-2013-6122) | MLIST | www.openwall.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.