kernel-packages team mailing list archive
-
kernel-packages team
-
Mailing list archive
-
Message #40949
[Bug 1270104] [NEW] CVE-2013-6123
*** This bug is a security vulnerability ***
Public security bug reported:
Multiple array index errors in
drivers/media/video/msm/server/msm_cam_server.c in the MSM camera driver
for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC)
Android contributions for MSM devices and other products, allow
attackers to gain privileges by leveraging camera device-node access,
related to the (1) msm_ctrl_cmd_done, (2) msm_ioctl_server, and (3)
msm_server_send_ctrl functions.
** Affects: linux (Ubuntu)
Importance: Medium
Status: New
** Affects: linux-armadaxp (Ubuntu)
Importance: Medium
Status: Invalid
** Affects: linux-ec2 (Ubuntu)
Importance: Medium
Status: Invalid
** Affects: linux-fsl-imx51 (Ubuntu)
Importance: Medium
Status: Invalid
** Affects: linux-lts-backport-maverick (Ubuntu)
Importance: Undecided
Status: New
** Affects: linux-lts-backport-natty (Ubuntu)
Importance: Undecided
Status: New
** Affects: linux-lts-quantal (Ubuntu)
Importance: Medium
Status: Invalid
** Affects: linux-lts-raring (Ubuntu)
Importance: Medium
Status: Invalid
** Affects: linux-lts-saucy (Ubuntu)
Importance: Medium
Status: Invalid
** Affects: linux-mvl-dove (Ubuntu)
Importance: Medium
Status: Invalid
** Affects: linux-ti-omap4 (Ubuntu)
Importance: Medium
Status: Invalid
** Affects: linux (Ubuntu Lucid)
Importance: Medium
Status: New
** Affects: linux-armadaxp (Ubuntu Lucid)
Importance: Medium
Status: Invalid
** Affects: linux-ec2 (Ubuntu Lucid)
Importance: Medium
Status: New
** Affects: linux-fsl-imx51 (Ubuntu Lucid)
Importance: Medium
Status: Invalid
** Affects: linux-lts-backport-maverick (Ubuntu Lucid)
Importance: Undecided
Status: New
** Affects: linux-lts-backport-natty (Ubuntu Lucid)
Importance: Undecided
Status: New
** Affects: linux-lts-quantal (Ubuntu Lucid)
Importance: Medium
Status: Invalid
** Affects: linux-lts-raring (Ubuntu Lucid)
Importance: Medium
Status: Invalid
** Affects: linux-lts-saucy (Ubuntu Lucid)
Importance: Medium
Status: Invalid
** Affects: linux-mvl-dove (Ubuntu Lucid)
Importance: Medium
Status: Invalid
** Affects: linux-ti-omap4 (Ubuntu Lucid)
Importance: Medium
Status: Invalid
** Affects: linux (Ubuntu Precise)
Importance: Medium
Status: New
** Affects: linux-armadaxp (Ubuntu Precise)
Importance: Medium
Status: New
** Affects: linux-ec2 (Ubuntu Precise)
Importance: Medium
Status: Invalid
** Affects: linux-fsl-imx51 (Ubuntu Precise)
Importance: Medium
Status: Invalid
** Affects: linux-lts-backport-maverick (Ubuntu Precise)
Importance: Undecided
Status: New
** Affects: linux-lts-backport-natty (Ubuntu Precise)
Importance: Undecided
Status: New
** Affects: linux-lts-quantal (Ubuntu Precise)
Importance: Medium
Status: New
** Affects: linux-lts-raring (Ubuntu Precise)
Importance: Medium
Status: New
** Affects: linux-lts-saucy (Ubuntu Precise)
Importance: Medium
Status: New
** Affects: linux-mvl-dove (Ubuntu Precise)
Importance: Medium
Status: Invalid
** Affects: linux-ti-omap4 (Ubuntu Precise)
Importance: Medium
Status: New
** Affects: linux (Ubuntu Quantal)
Importance: Medium
Status: New
** Affects: linux-armadaxp (Ubuntu Quantal)
Importance: Medium
Status: New
** Affects: linux-ec2 (Ubuntu Quantal)
Importance: Medium
Status: Invalid
** Affects: linux-fsl-imx51 (Ubuntu Quantal)
Importance: Medium
Status: Invalid
** Affects: linux-lts-backport-maverick (Ubuntu Quantal)
Importance: Undecided
Status: New
** Affects: linux-lts-backport-natty (Ubuntu Quantal)
Importance: Undecided
Status: New
** Affects: linux-lts-quantal (Ubuntu Quantal)
Importance: Medium
Status: Invalid
** Affects: linux-lts-raring (Ubuntu Quantal)
Importance: Medium
Status: Invalid
** Affects: linux-lts-saucy (Ubuntu Quantal)
Importance: Medium
Status: Invalid
** Affects: linux-mvl-dove (Ubuntu Quantal)
Importance: Medium
Status: Invalid
** Affects: linux-ti-omap4 (Ubuntu Quantal)
Importance: Medium
Status: New
** Affects: linux (Ubuntu Raring)
Importance: Medium
Status: New
** Affects: linux-armadaxp (Ubuntu Raring)
Importance: Medium
Status: Invalid
** Affects: linux-ec2 (Ubuntu Raring)
Importance: Medium
Status: Invalid
** Affects: linux-fsl-imx51 (Ubuntu Raring)
Importance: Medium
Status: Invalid
** Affects: linux-lts-backport-maverick (Ubuntu Raring)
Importance: Undecided
Status: New
** Affects: linux-lts-backport-natty (Ubuntu Raring)
Importance: Undecided
Status: New
** Affects: linux-lts-quantal (Ubuntu Raring)
Importance: Medium
Status: Invalid
** Affects: linux-lts-raring (Ubuntu Raring)
Importance: Medium
Status: Invalid
** Affects: linux-lts-saucy (Ubuntu Raring)
Importance: Medium
Status: Invalid
** Affects: linux-mvl-dove (Ubuntu Raring)
Importance: Medium
Status: Invalid
** Affects: linux-ti-omap4 (Ubuntu Raring)
Importance: Medium
Status: New
** Affects: linux (Ubuntu Saucy)
Importance: Medium
Status: New
** Affects: linux-armadaxp (Ubuntu Saucy)
Importance: Medium
Status: Invalid
** Affects: linux-ec2 (Ubuntu Saucy)
Importance: Medium
Status: Invalid
** Affects: linux-fsl-imx51 (Ubuntu Saucy)
Importance: Medium
Status: Invalid
** Affects: linux-lts-backport-maverick (Ubuntu Saucy)
Importance: Undecided
Status: New
** Affects: linux-lts-backport-natty (Ubuntu Saucy)
Importance: Undecided
Status: New
** Affects: linux-lts-quantal (Ubuntu Saucy)
Importance: Medium
Status: Invalid
** Affects: linux-lts-raring (Ubuntu Saucy)
Importance: Medium
Status: Invalid
** Affects: linux-lts-saucy (Ubuntu Saucy)
Importance: Medium
Status: Invalid
** Affects: linux-mvl-dove (Ubuntu Saucy)
Importance: Medium
Status: Invalid
** Affects: linux-ti-omap4 (Ubuntu Saucy)
Importance: Medium
Status: New
** Affects: linux (Ubuntu Trusty)
Importance: Medium
Status: New
** Affects: linux-armadaxp (Ubuntu Trusty)
Importance: Medium
Status: Invalid
** Affects: linux-ec2 (Ubuntu Trusty)
Importance: Medium
Status: Invalid
** Affects: linux-fsl-imx51 (Ubuntu Trusty)
Importance: Medium
Status: Invalid
** Affects: linux-lts-backport-maverick (Ubuntu Trusty)
Importance: Undecided
Status: New
** Affects: linux-lts-backport-natty (Ubuntu Trusty)
Importance: Undecided
Status: New
** Affects: linux-lts-quantal (Ubuntu Trusty)
Importance: Medium
Status: Invalid
** Affects: linux-lts-raring (Ubuntu Trusty)
Importance: Medium
Status: Invalid
** Affects: linux-lts-saucy (Ubuntu Trusty)
Importance: Medium
Status: Invalid
** Affects: linux-mvl-dove (Ubuntu Trusty)
Importance: Medium
Status: Invalid
** Affects: linux-ti-omap4 (Ubuntu Trusty)
Importance: Medium
Status: Invalid
** Tags: kernel-cve-tracking-bug
** Tags added: kernel-cve-tracking-bug
** Information type changed from Public to Public Security
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-6123
--
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1270104
Title:
CVE-2013-6123
Status in “linux” package in Ubuntu:
New
Status in “linux-armadaxp” package in Ubuntu:
Invalid
Status in “linux-ec2” package in Ubuntu:
Invalid
Status in “linux-fsl-imx51” package in Ubuntu:
Invalid
Status in “linux-lts-backport-maverick” package in Ubuntu:
New
Status in “linux-lts-backport-natty” package in Ubuntu:
New
Status in “linux-lts-quantal” package in Ubuntu:
Invalid
Status in “linux-lts-raring” package in Ubuntu:
Invalid
Status in “linux-lts-saucy” package in Ubuntu:
Invalid
Status in “linux-mvl-dove” package in Ubuntu:
Invalid
Status in “linux-ti-omap4” package in Ubuntu:
Invalid
Status in “linux” source package in Lucid:
New
Status in “linux-armadaxp” source package in Lucid:
Invalid
Status in “linux-ec2” source package in Lucid:
New
Status in “linux-fsl-imx51” source package in Lucid:
Invalid
Status in “linux-lts-backport-maverick” source package in Lucid:
New
Status in “linux-lts-backport-natty” source package in Lucid:
New
Status in “linux-lts-quantal” source package in Lucid:
Invalid
Status in “linux-lts-raring” source package in Lucid:
Invalid
Status in “linux-lts-saucy” source package in Lucid:
Invalid
Status in “linux-mvl-dove” source package in Lucid:
Invalid
Status in “linux-ti-omap4” source package in Lucid:
Invalid
Status in “linux” source package in Precise:
New
Status in “linux-armadaxp” source package in Precise:
New
Status in “linux-ec2” source package in Precise:
Invalid
Status in “linux-fsl-imx51” source package in Precise:
Invalid
Status in “linux-lts-backport-maverick” source package in Precise:
New
Status in “linux-lts-backport-natty” source package in Precise:
New
Status in “linux-lts-quantal” source package in Precise:
New
Status in “linux-lts-raring” source package in Precise:
New
Status in “linux-lts-saucy” source package in Precise:
New
Status in “linux-mvl-dove” source package in Precise:
Invalid
Status in “linux-ti-omap4” source package in Precise:
New
Status in “linux” source package in Quantal:
New
Status in “linux-armadaxp” source package in Quantal:
New
Status in “linux-ec2” source package in Quantal:
Invalid
Status in “linux-fsl-imx51” source package in Quantal:
Invalid
Status in “linux-lts-backport-maverick” source package in Quantal:
New
Status in “linux-lts-backport-natty” source package in Quantal:
New
Status in “linux-lts-quantal” source package in Quantal:
Invalid
Status in “linux-lts-raring” source package in Quantal:
Invalid
Status in “linux-lts-saucy” source package in Quantal:
Invalid
Status in “linux-mvl-dove” source package in Quantal:
Invalid
Status in “linux-ti-omap4” source package in Quantal:
New
Status in “linux” source package in Raring:
New
Status in “linux-armadaxp” source package in Raring:
Invalid
Status in “linux-ec2” source package in Raring:
Invalid
Status in “linux-fsl-imx51” source package in Raring:
Invalid
Status in “linux-lts-backport-maverick” source package in Raring:
New
Status in “linux-lts-backport-natty” source package in Raring:
New
Status in “linux-lts-quantal” source package in Raring:
Invalid
Status in “linux-lts-raring” source package in Raring:
Invalid
Status in “linux-lts-saucy” source package in Raring:
Invalid
Status in “linux-mvl-dove” source package in Raring:
Invalid
Status in “linux-ti-omap4” source package in Raring:
New
Status in “linux” source package in Saucy:
New
Status in “linux-armadaxp” source package in Saucy:
Invalid
Status in “linux-ec2” source package in Saucy:
Invalid
Status in “linux-fsl-imx51” source package in Saucy:
Invalid
Status in “linux-lts-backport-maverick” source package in Saucy:
New
Status in “linux-lts-backport-natty” source package in Saucy:
New
Status in “linux-lts-quantal” source package in Saucy:
Invalid
Status in “linux-lts-raring” source package in Saucy:
Invalid
Status in “linux-lts-saucy” source package in Saucy:
Invalid
Status in “linux-mvl-dove” source package in Saucy:
Invalid
Status in “linux-ti-omap4” source package in Saucy:
New
Status in “linux” source package in Trusty:
New
Status in “linux-armadaxp” source package in Trusty:
Invalid
Status in “linux-ec2” source package in Trusty:
Invalid
Status in “linux-fsl-imx51” source package in Trusty:
Invalid
Status in “linux-lts-backport-maverick” source package in Trusty:
New
Status in “linux-lts-backport-natty” source package in Trusty:
New
Status in “linux-lts-quantal” source package in Trusty:
Invalid
Status in “linux-lts-raring” source package in Trusty:
Invalid
Status in “linux-lts-saucy” source package in Trusty:
Invalid
Status in “linux-mvl-dove” source package in Trusty:
Invalid
Status in “linux-ti-omap4” source package in Trusty:
Invalid
Bug description:
Multiple array index errors in
drivers/media/video/msm/server/msm_cam_server.c in the MSM camera
driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center
(QuIC) Android contributions for MSM devices and other products, allow
attackers to gain privileges by leveraging camera device-node access,
related to the (1) msm_ctrl_cmd_done, (2) msm_ioctl_server, and (3)
msm_server_send_ctrl functions.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1270104/+subscriptions
Follow ups
-
[Bug 1270104] Re: CVE-2013-6123
From: Steve Beattie, 2016-05-05
-
[Bug 1270104] Re: CVE-2013-6123
From: Steve Beattie, 2016-04-26
-
[Bug 1270104] Re: CVE-2013-6123
From: Rolf Leggewie, 2016-04-24
-
[Bug 1270104] Re: CVE-2013-6123
From: Steve Beattie, 2016-02-10
-
[Bug 1270104] Re: CVE-2013-6123
From: Steve Beattie, 2015-11-16
-
[Bug 1270104] Re: CVE-2013-6123
From: Steve Beattie, 2015-11-10
-
[Bug 1270104] Re: CVE-2013-6123
From: Steve Beattie, 2015-10-28
-
[Bug 1270104] Re: CVE-2013-6123
From: John Johansen, 2015-07-28
-
[Bug 1270104] Re: CVE-2013-6123
From: John Johansen, 2015-05-08
-
[Bug 1270104] Re: CVE-2013-6123
From: John Johansen, 2015-05-04
-
[Bug 1270104] Re: CVE-2013-6123
From: John Johansen, 2015-01-28
-
[Bug 1270104] Re: CVE-2013-6123
From: Rolf Leggewie, 2014-12-05
-
[Bug 1270104] Closing unsupported series nomination.
From: Joseph Salisbury, 2014-09-15
-
[Bug 1270104] Re: CVE-2013-6123
From: Jamie Strandboge, 2014-06-26
-
[Bug 1270104] Re: CVE-2013-6123
From: Jamie Strandboge, 2014-04-17
-
[Bug 1270104] Re: CVE-2013-6123
From: John Johansen, 2014-01-29
-
[Bug 1270104] Re: CVE-2013-6123
From: Jamie Strandboge, 2014-01-17
-
[Bug 1270104] Re: CVE-2013-6123
From: John Johansen, 2014-01-17
-
[Bug 1270104] [NEW] CVE-2013-6123
From: John Johansen, 2014-01-17
References