{"api_version":"1","generated_at":"2026-04-26T00:45:21+00:00","cve":"CVE-2013-6122","urls":{"html":"https://cve.report/CVE-2013-6122","api":"https://cve.report/api/cve/CVE-2013-6122.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2013-6122","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2013-6122"},"summary":{"title":"CVE-2013-6122","description":"goodix_tool.c in the Goodix gt915 touchscreen driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly synchronize updates to a global variable, which allows local users to bypass intended access restrictions or cause a denial of service (memory corruption) via crafted arguments to the procfs write handler.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2013-11-12 14:35:00","updated_at":"2013-11-13 19:53:00"},"problem_types":["CWE-20"],"metrics":[],"references":[{"url":"https://www.codeaurora.org/projects/security-advisories/multiple-memory-corruption-issues-and-race-condition-goodix-gt915-touchscreen-driver-procfs-handler","name":"https://www.codeaurora.org/projects/security-advisories/multiple-memory-corruption-issues-and-race-condition-goodix-gt915-touchscreen-driver-procfs-handler","refsource":"CONFIRM","tags":["Patch"],"title":"Multiple memory corruption issues and race condition in Goodix gt915 touchscreen driver procfs handler (CVE-2013-4740 CVE-2013-6122) | Code Aurora Forum","mime":"text/html","httpstatus":"404","archivestatus":"200"},{"url":"https://www.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=f53bcf29a6e7a66b3d935b8d562fa00829261f05","name":"https://www.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=f53bcf29a6e7a66b3d935b8d562fa00829261f05","refsource":"CONFIRM","tags":["Exploit","Patch"],"title":"kernel/msm-3.10 - Unnamed repository","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.openwall.com/lists/oss-security/2013/11/08/1","name":"[oss-security] 20131108 Advisory report - Multiple memory corruption and race condition in Goodix gt915 Android touchscreen driver (CVE-2013-4740 & CVE-2013-6122)","refsource":"MLIST","tags":[],"title":"oss-security - Advisory report - Multiple memory corruption and race condition in\n Goodix gt915 Android touchscreen driver (CVE-2013-4740 & CVE-2013-6122)","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2013-6122","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2013-6122","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2013","cve_id":"6122","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"qualcomm","cpe5":"quic_mobile_station_modem_kernel","cpe6":"3.10","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2013","cve_id":"6122","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"qualcomm","cpe5":"quic_mobile_station_modem_kernel","cpe6":"3.10","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2013-6122","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"goodix_tool.c in the Goodix gt915 touchscreen driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly synchronize updates to a global variable, which allows local users to bypass intended access restrictions or cause a denial of service (memory corruption) via crafted arguments to the procfs write handler."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"[oss-security] 20131108 Advisory report - Multiple memory corruption and race condition in Goodix gt915 Android touchscreen driver (CVE-2013-4740 & CVE-2013-6122)","refsource":"MLIST","url":"http://www.openwall.com/lists/oss-security/2013/11/08/1"},{"name":"https://www.codeaurora.org/projects/security-advisories/multiple-memory-corruption-issues-and-race-condition-goodix-gt915-touchscreen-driver-procfs-handler","refsource":"CONFIRM","url":"https://www.codeaurora.org/projects/security-advisories/multiple-memory-corruption-issues-and-race-condition-goodix-gt915-touchscreen-driver-procfs-handler"},{"name":"https://www.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=f53bcf29a6e7a66b3d935b8d562fa00829261f05","refsource":"CONFIRM","url":"https://www.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=f53bcf29a6e7a66b3d935b8d562fa00829261f05"}]}},"nvd":{"publishedDate":"2013-11-12 14:35:00","lastModifiedDate":"2013-11-13 19:53:00","problem_types":["CWE-20"],"metrics":{"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:M/Au:N/C:C/I:C/A:C","accessVector":"LOCAL","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE","baseScore":6.9},"severity":"MEDIUM","exploitabilityScore":3.4,"impactScore":10,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:qualcomm:quic_mobile_station_modem_kernel:3.10:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2013","CveId":"6122","Ordinal":"65829","Title":"CVE-2013-6122","CVE":"CVE-2013-6122","Year":"2013"},"notes":[{"CveYear":"2013","CveId":"6122","Ordinal":"1","NoteData":"goodix_tool.c in the Goodix gt915 touchscreen driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly synchronize updates to a global variable, which allows local users to bypass intended access restrictions or cause a denial of service (memory corruption) via crafted arguments to the procfs write handler.","Type":"Description","Title":null},{"CveYear":"2013","CveId":"6122","Ordinal":"2","NoteData":"2013-11-11","Type":"Other","Title":"Published"}]}}}