Ubuntu.comUB:CVE-2013-2597CVE-2013-2597
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.002 Low
EPSS
Percentile
52.2%
Stack-based buffer overflow in the acdb_ioctl function in audio_acdb.c in
the acdb audio driver for the Linux kernel 2.6.x and 3.x, as used in
Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and
other products, allows attackers to gain privileges via an application that
leverages /dev/msm_acdb access and provides a large size value in an ioctl
argument.
Bugs
Notes
| Author | Note |
|---|---|
| mdeslaur | need to check if any of our phone kernels contain this driver |
| jdstrand | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.04 preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support |
Related
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.002 Low
EPSS
Percentile
52.2%