Insecure owner/permission changes in init shell scripts (CVE-2013-6124)

During device start-up, several init shell scripts run with root privileges to configure various aspects of the system. These scripts use standard toolchain commands such as chown or chmod, for example to change the owner of the sensor settings file to the system user. Because these commands follow symbolic links (symlinks), an attacker with write access to these resources can conduct a symlink attack and thereby change, for example, the owner of an arbitrary file to system. This flaw can be used, for example, to elevate privileges.
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6124
www.codeaurora.org/cgit/quic/la//device/qcom/common/commit/?id=2e2d79df934fdb733adaaed060da5b19658af000
www.codeaurora.org/cgit/quic/la//platform/system/core/commit/?id=2419cf9e63d3a8532b2984196d759157569c2fef
www.codeaurora.org/cgit/quic/la//platform/system/core/commit/?id=cf514a3bbb028c84c7357bd5502013823ede9e4a
www.codeaurora.org/cgit/quic/la//platform/system/core/commit/?id=fd256a79a77b53e785fb4a0251efc910e8062c09
www.codeaurora.org/projects/security-advisories/insecure-ownerpermission-changes-init-shell-scripts-cve-2013-6124
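The symlink-following behaviour described above can be reproduced without root by using chmod in a temporary directory. This is an added example, not code from the advisory or the referenced commits; the directory layout, the file name sensor_settings and the helper functions are constructed for illustration.

```shell
#!/bin/sh
# Added example with constructed paths; runs unprivileged in a temp directory.

# True if file $1 has exactly the permission bits $2 (portable, no GNU stat).
has_mode() { [ -n "$(find "$1" -prune -perm "$2" 2>/dev/null)" ]; }

# Pattern from the advisory: the path is trusted and chmod dereferences it.
unsafe_chmod() { chmod "$1" "$2"; }

# Guarded variant: refuse when the final path component is a symlink.
# A window remains between the test and the chmod, so the robust fix is to
# keep such files in directories that only root can write to.
# For ownership changes, POSIX `chown -h` acts on the link, not its target.
safe_chmod() {
    if [ -L "$2" ]; then
        echo "refusing to chmod symlink: $2" >&2
        return 1
    fi
    chmod "$1" "$2"
}

# Constructed layout: a protected file outside a writable directory, and a
# symlink inside that directory standing in for the settings file.
make_fixture() {
    d=$(mktemp -d) || return 1
    mkdir "$d/writable"
    : > "$d/protected"
    chmod 600 "$d/protected"
    ln -s "$d/protected" "$d/writable/sensor_settings"
    echo "$d"
}

demo() {
    d=$(make_fixture) || return 1
    unsafe_chmod 666 "$d/writable/sensor_settings"
    has_mode "$d/protected" 666 && echo "unsafe: target mode changed through symlink"
    chmod 600 "$d/protected"
    safe_chmod 666 "$d/writable/sensor_settings" || echo "safe: symlink rejected"
    has_mode "$d/protected" 600 && echo "safe: target mode unchanged"
    rm -rf "$d"
}

demo
```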