CVE-2013-6122

goodix_tool.c in the Goodix gt915 touchscreen driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly synchronize updates to a global variable, which allows local users to bypass intended access restrictions or cause a denial of service (memory corruption) via crafted arguments to the procfs write handler.
Configurations

Configuration 1 (hide)

cpe:2.3:o:qualcomm:quic_mobile_station_modem_kernel:3.10:*:*:*:*:*:*:*

History

21 Nov 2024, 01:58

Type Values Removed Values Added
References () http://www.openwall.com/lists/oss-security/2013/11/08/1 - () http://www.openwall.com/lists/oss-security/2013/11/08/1 -
References () https://www.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=f53bcf29a6e7a66b3d935b8d562fa00829261f05 - Exploit, Patch () https://www.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=f53bcf29a6e7a66b3d935b8d562fa00829261f05 - Exploit, Patch
References () https://www.codeaurora.org/projects/security-advisories/multiple-memory-corruption-issues-and-race-condition-goodix-gt915-touchscreen-driver-procfs-handler - Patch () https://www.codeaurora.org/projects/security-advisories/multiple-memory-corruption-issues-and-race-condition-goodix-gt915-touchscreen-driver-procfs-handler - Patch

Information

Published : 2013-11-12 14:35

Updated : 2024-11-21 01:58


NVD link : CVE-2013-6122

Mitre link : CVE-2013-6122

CVE.ORG link : CVE-2013-6122


JSON object : View

Products Affected

qualcomm

  • quic_mobile_station_modem_kernel
CWE
CWE-20

Improper Input Validation