var-201402-0145
Vulnerability from variot
The CONFIG_STRICT_MEMORY_RWX implementation for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly consider certain memory sections, which makes it easier for attackers to bypass intended access restrictions by leveraging the presence of RWX memory at a fixed location. There is a security bypass vulnerability in the camera driver provided by Code Aurora. There is a problem with the CONFIG_STRICT_MEMORY_RWX implementation on the Linux kernel 3.x used by the Code Aurora device. When CONFIG_STRICT_MEMORY_RWX is set, the first segment of memory (including the kernel page table and initial code) and the segment containing the init code are set with RWX permissions. Allows an attacker to provide fixed-location read and write, execute content to bypass security restrictions, and more easily perform kernel exploits. This may aid in further attacks. Android for MSM is an Android MSM project, the main purpose of this project is to build an Android platform that includes Qualcomm MSM chipset. There is a security vulnerability in the implementation of the CONFIG_STRICT_MEMORY_RWX function of the Linux kernel version 3.10 used in QuIC Android contributions for MSM devices. The vulnerability stems from the fact that the program does not manage memory correctly
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201402-0145",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "quic mobile station modem kernel",
"scope": "eq",
"trust": 1.6,
"vendor": "qualcomm",
"version": "3.10"
},
{
"model": "quic mobile station modem",
"scope": "eq",
"trust": 0.8,
"vendor": "qualcomm",
"version": "3.10"
},
{
"model": "aurora forum android for msm",
"scope": null,
"trust": 0.6,
"vendor": "code",
"version": null
},
{
"model": "aurora forum firefox os for msm",
"scope": null,
"trust": 0.6,
"vendor": "code",
"version": null
},
{
"model": "aurora forum qrd android",
"scope": null,
"trust": 0.6,
"vendor": "code",
"version": null
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01115"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006056"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-218"
},
{
"db": "NVD",
"id": "CVE-2013-4737"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/o:qualcomm:quic_mobile_station_modem_kernel",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-006056"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Georg Wicherski of CrowdStrike",
"sources": [
{
"db": "BID",
"id": "65630"
}
],
"trust": 0.3
},
"cve": "CVE-2013-4737",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CVE-2013-4737",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "CNVD-2014-01115",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.6,
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 8.6,
"id": "VHN-64739",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-4737",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2013-4737",
"trust": 0.8,
"value": "High"
},
{
"author": "CNVD",
"id": "CNVD-2014-01115",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-201402-218",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-64739",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01115"
},
{
"db": "VULHUB",
"id": "VHN-64739"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006056"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-218"
},
{
"db": "NVD",
"id": "CVE-2013-4737"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The CONFIG_STRICT_MEMORY_RWX implementation for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly consider certain memory sections, which makes it easier for attackers to bypass intended access restrictions by leveraging the presence of RWX memory at a fixed location. There is a security bypass vulnerability in the camera driver provided by Code Aurora. There is a problem with the CONFIG_STRICT_MEMORY_RWX implementation on the Linux kernel 3.x used by the Code Aurora device. When CONFIG_STRICT_MEMORY_RWX is set, the first segment of memory (including the kernel page table and initial code) and the segment containing the init code are set with RWX permissions. Allows an attacker to provide fixed-location read and write, execute content to bypass security restrictions, and more easily perform kernel exploits. This may aid in further attacks. Android for MSM is an Android MSM project, the main purpose of this project is to build an Android platform that includes Qualcomm MSM chipset. There is a security vulnerability in the implementation of the CONFIG_STRICT_MEMORY_RWX function of the Linux kernel version 3.10 used in QuIC Android contributions for MSM devices. The vulnerability stems from the fact that the program does not manage memory correctly",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-4737"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006056"
},
{
"db": "CNVD",
"id": "CNVD-2014-01115"
},
{
"db": "BID",
"id": "65630"
},
{
"db": "VULHUB",
"id": "VHN-64739"
}
],
"trust": 2.52
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-4737",
"trust": 3.4
},
{
"db": "BID",
"id": "65630",
"trust": 1.0
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006056",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201402-218",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2014-01115",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-64739",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01115"
},
{
"db": "VULHUB",
"id": "VHN-64739"
},
{
"db": "BID",
"id": "65630"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006056"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-218"
},
{
"db": "NVD",
"id": "CVE-2013-4737"
}
]
},
"id": "VAR-201402-0145",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01115"
},
{
"db": "VULHUB",
"id": "VHN-64739"
}
],
"trust": 1.7
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01115"
}
]
},
"last_update_date": "2024-11-23T22:35:16.751000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "QCIR-2013-00006-1",
"trust": 0.8,
"url": "https://www.codeaurora.org/projects/security-advisories/configstrictmemoryrwx-not-strictly-enforced-cve-2013-4737"
},
{
"title": "Code Aurora multiple products \u0027CONFIG_STRICT_MEMORY_RWX\u0027 security bypass vulnerability patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchInfo/show/43741"
},
{
"title": "4256415b296348ff16cd17a5b8f8dce4dea37328",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=48086"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01115"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006056"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-218"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-264",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-64739"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006056"
},
{
"db": "NVD",
"id": "CVE-2013-4737"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.3,
"url": "https://www.codeaurora.org/projects/security-advisories/configstrictmemoryrwx-not-strictly-enforced-cve-2013-4737"
},
{
"trust": 0.8,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-4737"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-4737"
},
{
"trust": 0.3,
"url": "http://www.kernel.org/"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2014-01115"
},
{
"db": "VULHUB",
"id": "VHN-64739"
},
{
"db": "BID",
"id": "65630"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006056"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-218"
},
{
"db": "NVD",
"id": "CVE-2013-4737"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2014-01115"
},
{
"db": "VULHUB",
"id": "VHN-64739"
},
{
"db": "BID",
"id": "65630"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-006056"
},
{
"db": "CNNVD",
"id": "CNNVD-201402-218"
},
{
"db": "NVD",
"id": "CVE-2013-4737"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-02-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-01115"
},
{
"date": "2014-02-15T00:00:00",
"db": "VULHUB",
"id": "VHN-64739"
},
{
"date": "2014-02-18T00:00:00",
"db": "BID",
"id": "65630"
},
{
"date": "2014-02-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-006056"
},
{
"date": "2014-02-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201402-218"
},
{
"date": "2014-02-15T14:57:07.737000",
"db": "NVD",
"id": "CVE-2013-4737"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2014-02-20T00:00:00",
"db": "CNVD",
"id": "CNVD-2014-01115"
},
{
"date": "2014-02-18T00:00:00",
"db": "VULHUB",
"id": "VHN-64739"
},
{
"date": "2014-02-18T00:00:00",
"db": "BID",
"id": "65630"
},
{
"date": "2014-02-19T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-006056"
},
{
"date": "2014-02-20T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201402-218"
},
{
"date": "2024-11-21T01:56:15.250000",
"db": "NVD",
"id": "CVE-2013-4737"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201402-218"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "MSM For devices Qualcomm Innovation Center Android Used for contributions etc. Linux Kernel for CONFIG_STRICT_MEMORY_RWX Vulnerability that can bypass access restrictions",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-006056"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "permissions and access control",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201402-218"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…