BID:69366 - Android for MSM Project CVE-2014-0973 Local Security Bypass Vulnerability

Android for MSM Project CVE-2014-0973 Local Security Bypass Vulnerability

BID:69366

Info

Android for MSM Project CVE-2014-0973 Local Security Bypass Vulnerability

Bugtraq ID:	69366
Class:	Design Error
CVE:	CVE-2014-0973
Remote:	No
Local:	Yes
Published:	Jun 13 2014 12:00AM
Updated:	Mar 19 2015 09:30AM
Credit:	Lee Harrison, and Kang Li
Vulnerable:

Not Vulnerable:

References

Android for MSM Project CVE-2014-0973 Local Security Bypass Vulnerability

References:

Android for MSM Project Homepage (Code Aurora Forum)
Incomplete signature parsing during boot image authentication leads to signature (Code Aurora Forum)
platform: msm_shared: Size of decrypted signature should be equal to size of dig (Code Aurora Forum)