CVE-2013-2597

HIGH KEV

Linux kernel 2.6.x-3.x - Buffer Overflow

Title source: llm

Exploitation Summary

CVE-2013-2597 is actively exploited and listed in the CISA Known Exploited Vulnerabilities (KEV) catalog, added September 15, 2022. EIP tracks 1 public exploit from researchers including fi01.

AI-analyzed exploit summary: This PoC exploits a stack-based buffer overflow in the ACDB audio driver (CVE-2013-2597) by crafting a malicious ioctl request to overwrite memory addresses. It demonstrates arbitrary memory write capabilities, which can lead to privilege escalation or code execution.

Description

Stack-based buffer overflow in the acdb_ioctl function in audio_acdb.c in the acdb audio driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges via an application that leverages /dev/msm_acdb access and provides a large size value in an ioctl argument.

Exploits (1)

nomisec WORKING POC 12 stars
by fi01 · remote
https://github.com/fi01/libmsm_acdb_exploit

Classification
Classification: Working PoC (90%)
Attack Type: LPE
Complexity: Moderate
Reliability: Reliable
Target: Qualcomm msm_acdb audio driver (specific versions affected by CVE-2013-2597)
No auth needed
Prerequisites: Access to the target device · Presence of vulnerable msm_acdb driver · Ability to open /dev/msm_acdb
Analyzed by devstral-2 · Feb 16, 2026

Scores

CVSS v3 8.4
EPSS 0.0610
EPSS Percentile 91.0%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation active
Automatable no
Technical Impact total

Details

CISA KEV 2022-09-15
VulnCheck KEV 2022-09-15
InTheWild.io 2015-12-04
ENISA EUVD EUVD-2013-2539
CWE CWE-121
Status published
Products (50)
codeaurora/android-msm 2.6.29
codeaurora/android-msm 3.2.54
codeaurora/android-msm 3.2.55
codeaurora/android-msm 3.2.56
codeaurora/android-msm 3.2.57
codeaurora/android-msm 3.2.58
codeaurora/android-msm 3.2.59
codeaurora/android-msm 3.2.60
codeaurora/android-msm 3.2.61
codeaurora/android-msm 3.2.62
... and 40 more
Published Aug 31, 2014
KEV Added Sep 15, 2022
Tracked Since Feb 18, 2026