Exploitation Summary
EIP tracks 1 public exploit for CVE-2014-4323. PoCs published by marcograss.
AI-analyzed exploit summary This PoC exploits CVE-2014-4323, a local privilege escalation vulnerability in the Qualcomm MDP (Mobile Display Processor) driver. It leverages an integer overflow in the MSMFB_SET_LUT ioctl to achieve arbitrary kernel memory write, ultimately executing a payload to gain root privileges.
Description
The mdp_lut_hw_update function in drivers/video/msm/mdp.c in the MDP display driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not validate certain start and length values within an ioctl call, which allows attackers to gain privileges via a crafted application.
Exploits (1)
This PoC exploits CVE-2014-4323, a local privilege escalation vulnerability in the Qualcomm MDP (Mobile Display Processor) driver. It leverages an integer overflow in the MSMFB_SET_LUT ioctl to achieve arbitrary kernel memory write, ultimately executing a payload to gain root privileges.