goodix_tool.c in the Goodix gt915 touchscreen driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly synchronize updates to a global variable, which allows local users to bypass intended access restrictions or cause a denial of service (memory corruption) via crafted arguments to the procfs write handler.
References
Configurations
History
21 Nov 2024, 01:58
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.openwall.com/lists/oss-security/2013/11/08/1 - | |
References | () https://www.codeaurora.org/cgit/quic/la/kernel/msm-3.10/commit/?id=f53bcf29a6e7a66b3d935b8d562fa00829261f05 - Exploit, Patch | |
References | () https://www.codeaurora.org/projects/security-advisories/multiple-memory-corruption-issues-and-race-condition-goodix-gt915-touchscreen-driver-procfs-handler - Patch |
Information
Published : 2013-11-12 14:35
Updated : 2024-11-21 01:58
NVD link : CVE-2013-6122
Mitre link : CVE-2013-6122
CVE.ORG link : CVE-2013-6122
JSON object : View
Products Affected
qualcomm
- quic_mobile_station_modem_kernel
CWE
CWE-20
Improper Input Validation