CVE-2014-4323

The mdp_lut_hw_update function in drivers/video/msm/mdp.c in the MDP display driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not validate certain start and length values within an ioctl call, which allows attackers to gain privileges via a crafted application.
Configurations

Configuration 1 (hide)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

History

21 Nov 2024, 02:09

Type Values Removed Values Added
References () https://www.codeaurora.org/projects/security-advisories/improper-input-validation-mdp-driver-when-processing-color-mapsĀ - Broken Link () https://www.codeaurora.org/projects/security-advisories/improper-input-validation-mdp-driver-when-processing-color-mapsĀ - Broken Link

Information

Published : 2014-12-12 11:59

Updated : 2024-11-21 02:09


NVD link : CVE-2014-4323

Mitre link : CVE-2014-4323

CVE.ORG link : CVE-2014-4323


JSON object : View

Products Affected

linux

  • linux_kernel
CWE
CWE-20

Improper Input Validation