CVE-2013-2598

codeaurora android-msm - Memory Corruption via Crafted Boot-Image Header

Title source: llm
STIX 2.1

Description

app/aboot/aboot.c in the Little Kernel (LK) bootloader, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to overwrite signature-verification code via crafted boot-image load-destination header values that specify memory locations within bootloader memory.

Scores

EPSS 0.0031
EPSS Percentile 22.7%

Details

CWE
CWE-20
Status published
Products (50)
codeaurora/android-msm 2.6.29
codeaurora/android-msm 3.2.54
codeaurora/android-msm 3.2.55
codeaurora/android-msm 3.2.56
codeaurora/android-msm 3.2.57
codeaurora/android-msm 3.2.58
codeaurora/android-msm 3.2.59
codeaurora/android-msm 3.2.60
codeaurora/android-msm 3.2.61
codeaurora/android-msm 3.2.62
... and 40 more
Published Aug 31, 2014
Tracked Since Feb 18, 2026