CVE-2014-4322

Linux kernel 3.x - Memory Corruption

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 5 public exploits for CVE-2014-4322. PoCs published by retme, retme7, laginimaineb.

AI-analyzed exploit summary This exploit targets CVE-2014-4322, a memory corruption vulnerability in the QSEECom driver on Nexus Android 5.0. It leverages the vulnerability to escalate privileges from system to root by manipulating kernel memory via the /dev/qseecom device.

Description

drivers/misc/qseecom.c in the QSEECOM driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not validate certain offset, length, and base values within an ioctl call, which allows attackers to gain privileges or cause a denial of service (memory corruption) via a crafted application.

Exploits (5)

exploitdb WORKING POC
by retme · clocalandroid
https://www.exploit-db.com/exploits/35711

This exploit targets CVE-2014-4322, a memory corruption vulnerability in the QSEECom driver on Nexus Android 5.0. It leverages the vulnerability to escalate privileges from system to root by manipulating kernel memory via the /dev/qseecom device.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Complex
Reliability
Reliable
Target: Android 5.0 (Nexus devices) with QSEECom driver
Auth required
Prerequisites: System privileges · Specific SELinux context (e.g., keystore, vold, drmserver, mediaserver, surfaceflinger) · Access to /dev/qseecom and /dev/ion
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WORKING POC 93 stars
by retme7 · poc
https://github.com/retme7/CVE-2014-4322_poc

This is a working privilege escalation exploit for CVE-2014-4322, targeting the QSEECom driver in Nexus Android 4.4/5.0. It leverages memory corruption to escalate from system to root privileges with kernel SELinux context.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Complex
Reliability
Reliable
Target: Android 4.4/5.0 (Nexus devices) with QSEECom driver
Auth required
Prerequisites: System privileges · Specific SELinux context (e.g., keystore, vold, drmserver, mediaserver, surfaceflinger)
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WORKING POC 24 stars
by laginimaineb · poc
https://github.com/laginimaineb/cve-2014-4322

This PoC exploits CVE-2014-4322, a vulnerability in the Qualcomm QSEECOM driver, allowing arbitrary kernel code execution via memory corruption and function pointer overwrites. It leverages ION memory allocation and PPPOLAC socket manipulation to achieve privilege escalation.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Complex
Reliability
Reliable
Target: Qualcomm QSEECOM driver (Android kernel)
No auth needed
Prerequisites: Access to /dev/qseecom and /dev/ion · Android device with vulnerable Qualcomm chipset
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WORKING POC 1 stars
by askk · poc
https://github.com/askk/CVE-2014-4322_adaptation

This repository contains a working proof-of-concept exploit for CVE-2014-4322, targeting a memory corruption vulnerability in the QSEECom driver on Nexus devices running Android 4.4/5.0. The exploit leverages the vulnerability to escalate privileges from system to root, requiring specific SELinux contexts.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Complex
Reliability
Reliable
Target: QSEECom driver on Nexus devices with Android 4.4/5.0
Auth required
Prerequisites: System privileges · Specific SELinux contexts (e.g., keystore, vold, drmserver, mediaserver, surfaceflinger)
devstral-2 · analyzed Feb 16, 2026 Full analysis →
nomisec WORKING POC
by koozxcv · poc
https://github.com/koozxcv/CVE-2014-4322

This PoC exploits CVE-2014-4322, a memory corruption vulnerability in the QSEECom driver on Android devices, to escalate privileges from system to root. It requires specific SELinux contexts and system privileges to execute successfully.

Classification
Working Poc 90%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: Android 4.4.4 (Kitkat) and Lollipop with QSEECom driver
Auth required
Prerequisites: System privileges · Specific SELinux contexts (e.g., keystore, vold, drmserver)
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Scores

EPSS 0.0345
EPSS Percentile 87.8%

Details

CWE
CWE-787
Status published
Products (1)
linux/linux_kernel 3.0.0 - 3.18.1
Published Dec 24, 2014
Tracked Since Feb 18, 2026