CVE-2013-6123
Qualcomm MSM Camera Driver - Privilege Escalation via Array Index Errors in msm_cam_server.c
Title source: llmDescription
Multiple array index errors in drivers/media/video/msm/server/msm_cam_server.c in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to gain privileges by leveraging camera device-node access, related to the (1) msm_ctrl_cmd_done, (2) msm_ioctl_server, and (3) msm_server_send_ctrl functions.
References (4)
Core 4
Core References
Vendor Advisory x_refsource_confirm
https://www.codeaurora.org/projects/security-advisories/out-bounds-array-access-camera-driver-cve-2013-6123
Exploit, Patch x_refsource_confirm
https://www.codeaurora.org/cgit/quic/la//kernel/msm/commit/?id=60e4af06161d91d5aeaa04c7d6e9f4345a6acdd4
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/90505
Patch x_refsource_confirm
https://www.codeaurora.org/cgit/quic/la//kernel/msm/commit/?id=7beb04ea945a7178e61d935918d3cb152996b558
Scores
EPSS
0.0030
EPSS Percentile
21.7%
Details
CWE
CWE-20
Status
published
Products (2)
codeaurora/android-msm
2.6.29
qualcomm/quic_mobile_station_modem_kernel
3.10
Published
Jan 14, 2014
Tracked Since
Feb 18, 2026