7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.001 Low
EPSS
Percentile
50.4%
Multiple integer overflows in the JPEG engine drivers in the MSM camera
driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation
Center (QuIC) Android contributions for MSM devices and other products,
allow attackers to cause a denial of service (system crash) via a large
number of commands in an ioctl call, related to (1)
camera_v1/gemini/msm_gemini_sync.c, (2) camera_v2/gemini/msm_gemini_sync.c,
(3) camera_v2/jpeg_10/msm_jpeg_sync.c, (4) gemini/msm_gemini_sync.c, (5)
jpeg_10/msm_jpeg_sync.c, and (6) mercury/msm_mercury_sync.c.
Author | Note |
---|---|
jdstrand | android kernels (goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 13.10 preview kernels |