Android for MSM Project CVE-2014-4325 Local Security Bypass Vulnerability
BID:69381
Info
Android for MSM Project CVE-2014-4325 Local Security Bypass Vulnerability
| Bugtraq ID: | 69381 |
| Class: | Design Error |
| CVE: |
CVE-2014-4325 |
| Remote: | No |
| Local: | Yes |
| Published: | Aug 05 2014 12:00AM |
| Updated: | Aug 05 2014 12:00AM |
| Credit: | Jon Sawyer |
| Vulnerable: |
codeaurora Android for MSM 0 |
| Not Vulnerable: | |
Discussion
Android for MSM Project CVE-2014-4325 Local Security Bypass Vulnerability
Android for MSM Project is prone to a local security-bypass vulnerability.
Local attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions.
Android for MSM Project is prone to a local security-bypass vulnerability.
Local attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions.
Exploit / POC
Android for MSM Project CVE-2014-4325 Local Security Bypass Vulnerability
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
Android for MSM Project CVE-2014-4325 Local Security Bypass Vulnerability
References:
References:
- Android for MSM Project Homepage (Code Aurora Forum)
- app: aboot: Fix size check for boot image (Code Aurora Forum)
- app: aboot: Verify boot image signature (Code Aurora Forum)
- Fastboot boot command bypasses signature verification (CVE-2014-4325) (Code Aurora Forum)