CVE-2013-2597
Stack-based buffer overflow in the acdb_ioctl function in audio_acdb.c in the acdb audio driver for the Linux kernel 2.6.x and 3.x, as used in...
Basic Information
- CVE State
- PUBLISHED
- Reserved Date
- March 15, 2013
- Published Date
- August 31, 2014
- Last Updated
- February 10, 2025
- Vendor
- Qualcomm
- Product
- Linux Kernel
- Description
- Stack-based buffer overflow in the acdb_ioctl function in audio_acdb.c in the acdb audio driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges via an application that leverages /dev/msm_acdb access and provides a large size value in an ioctl argument.
- Tags
- Exploitation
- active
- Technical Impact
- total
- Exploited in the Wild
- Yes (2022-09-15 00:00:00 UTC) Source
linux
android
cisa
CVSS Scores
CVSS v3.1
8.4 - HIGH
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS v2.0
7.2
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
SSVC Information
Exploit Status
Known Exploited Vulnerability Information
| Source | Added Date |
|---|---|
| CISA | 2022-09-15 00:00:00 UTC |
Timeline
-
CVE ID Reserved
-
CVE Published to Public
-
Added to KEVIntel