CVE-2013-4738

HIGH Year: 2013
CVSS v2 Score
7.2
High
Weakness Type
CWE-119
View all →

Vulnerability Description

Multiple stack-based buffer overflows in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to gain privileges via (1) a crafted VIDIOC_MSM_VPE_DEQUEUE_STREAM_BUFF_INFO ioctl call, related to drivers/media/platform/msm/camera_v2/pproc/vpe/msm_vpe.c, or (2) a crafted VIDIOC_MSM_CPP_DEQUEUE_STREAM_BUFF_INFO ioctl call, related to drivers/media/platform/msm/camera_v2/pproc/cpp/msm_cpp.c.

Related Vulnerabilities

CVE-2015-0565

CRITICAL
CVSS:10.0(Critical)

NaCl in 2015 allowed the CLFLUSH instruction, making rowhammer attacks possible.

CWE-1192015

CVE-2015-8459

CRITICAL
CVSS:10.0(Critical)

Adobe Flash Player before 18.0.0.324 and 19.x and 20.x before 20.0.0.267 on Windows and OS X and before 11.2.202.559 on Linux, Adobe AIR before 20.0.0.233, Adobe AIR SDK before 20.0.0.233, and Adobe A...

CWE-1192015

CVE-2015-8659

CRITICAL
CVSS:10.0(Critical)

The idle stream handling in nghttp2 before 1.6.0 allows attackers to have unspecified impact via unknown vectors, aka a heap-use-after-free bug.

CWE-1192015

CVE-2016-1931

CRITICAL
CVSS:10.0(Critical)

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly exec...

CWE-1192016

CVE-2016-8352

CRITICAL
CVSS:10.0(Critical)

An issue was discovered in Schneider Electric ConneXium firewalls TCSEFEC23F3F20 all versions, TCSEFEC23F3F21 all versions, TCSEFEC23FCF20 all versions, TCSEFEC23FCF21 all versions, and TCSEFEC2CF3F20...

CWE-1192016

CVE-2017-10920

CRITICAL
CVSS:10.0(Critical)

The grant-table feature in Xen through 4.8.x mishandles a GNTMAP_device_map and GNTMAP_host_map mapping, when followed by only a GNTMAP_host_map unmapping, which allows guest OS users to cause a denia...

CWE-1192017