cvelistv5 - cve-2013-6392

CVE-2013-6392 (GCVE-0-2013-6392)

Vulnerability from cvelistv5 – Published: 2013-11-30 02:00 – Updated: 2024-08-06 17:39

Summary

The genlock_dev_ioctl function in genlock.c in the Genlock driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted GENLOCK_IOC_EXPORT ioctl call.

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

Tags

	https://www.codeaurora.org/cgit/quic/la/kernel/ms…	x_refsource_CONFIRM
	http://openwall.com/lists/oss-security/2013/11/25/4	mailing-listx_refsource_MLIST

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T17:39:01.445Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.codeaurora.org/cgit/quic/la/kernel/msm/commit/drivers/base/genlock.c?id=e3c43027bdb59f03eec7ead0a01c77e4bf801625\u0026h=jb_3.2.3"
          },
          {
            "name": "[oss-security] 20131125 Re: CVE request: Kernel MSM - Memory leak in drivers/base/genlock.c",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2013/11/25/4"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2013-11-25T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The genlock_dev_ioctl function in genlock.c in the Genlock driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted GENLOCK_IOC_EXPORT ioctl call."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-12-01T17:26:34",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.codeaurora.org/cgit/quic/la/kernel/msm/commit/drivers/base/genlock.c?id=e3c43027bdb59f03eec7ead0a01c77e4bf801625\u0026h=jb_3.2.3"
        },
        {
          "name": "[oss-security] 20131125 Re: CVE request: Kernel MSM - Memory leak in drivers/base/genlock.c",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2013/11/25/4"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2013-6392",
    "datePublished": "2013-11-30T02:00:00",
    "dateReserved": "2013-11-04T00:00:00",
    "dateUpdated": "2024-08-06T17:39:01.445Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:codeaurora:android-msm:3.2.54:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"82BFCD06-425A-469F-BD52-56C78AB11D54\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:codeaurora:android-msm:3.4.72:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B2E29DBF-4869-41F8-85F6-091F1B34D8F8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:codeaurora:android-msm:3.4.73:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6D3B42C6-F8F7-493C-81AD-A112A207FC58\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:codeaurora:android-msm:3.4.74:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6F7F6E06-C45C-47E5-B745-33B1A5083F43\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:codeaurora:android-msm:3.4.75:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4C8DB4C3-3A34-496E-9422-3D7E1425B7D8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:codeaurora:android-msm:3.4.76:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9B167417-35A9-42BA-874E-0B32EE44AFE4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:codeaurora:android-msm:3.4.77:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F93FA4BD-DD95-4402-AC27-C1FB86469A52\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:codeaurora:android-msm:3.4.78:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AF6C0F8A-CD4A-4B7C-84D2-79150FBAAFF5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:codeaurora:android-msm:3.4.79:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E392CFA9-C390-4F31-A826-5D2BE237FFD8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:codeaurora:android-msm:3.10.22:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FD74D1CD-DBA8-487D-AE08-F3565B12B5D3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:codeaurora:android-msm:3.10.23:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9A00D89D-63B9-425D-AF50-B274491FA470\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:codeaurora:android-msm:3.10.24:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F18C21F4-F5AB-49D0-8B77-6768337B391A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:codeaurora:android-msm:3.10.25:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"16CCD06D-0248-4802-8FAB-A8411F102078\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:codeaurora:android-msm:3.10.26:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"08315601-ECBF-489B-8482-4D075ABB8B94\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:codeaurora:android-msm:3.10.27:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"93FEF076-6924-4671-A7B4-619582B1F491\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:codeaurora:android-msm:3.10.28:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0E89A6BA-599E-4C5F-B60F-FF8175A1EE57\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:codeaurora:android-msm:3.10.29:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1D0D9E5A-3D4D-41F3-85DE-AA029C0ED86F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:codeaurora:android-msm:3.12.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DC580424-3A41-4110-9CDD-C72B52FD360A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:codeaurora:android-msm:3.12.4:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A88D6F21-5D58-4BF2-A3DD-6E1C21A464E8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:codeaurora:android-msm:3.12.5:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5D16E881-C08D-4C23-BA7F-C2811EA65E6D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:codeaurora:android-msm:3.12.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"677023A0-0628-41D0-99B7-CEF547DA7249\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:codeaurora:android-msm:3.12.7:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DD77E075-1B20-4EE2-A14F-49772963E589\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:codeaurora:android-msm:3.12.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E85620CE-8085-4FE9-B8FE-11585FB2C4AF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:codeaurora:android-msm:3.12.9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"24FC9829-EF73-4FF6-B752-8EFB4223703A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:codeaurora:android-msm:3.12.10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6F416D6E-9CF0-47E3-BEF9-97571888FB47\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:codeaurora:android-msm:3.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C5B7FC7D-3287-4B15-879E-321F663EB508\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:codeaurora:android-msm:3.13:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"D1A9A837-2771-4443-A18A-1CE2386FBBF6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:codeaurora:android-msm:3.13:rc2:*:*:*:*:*:*\", \"matchCriteriaId\": \"E6016DD8-1AB1-43F9-9652-A47FD48861E0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:codeaurora:android-msm:3.13:rc3:*:*:*:*:*:*\", \"matchCriteriaId\": \"23289CA4-3FE3-43E7-9793-3120928DD43D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:codeaurora:android-msm:3.13:rc4:*:*:*:*:*:*\", \"matchCriteriaId\": \"631355B2-8B51-4F16-8733-9C54539E77C8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:codeaurora:android-msm:3.13:rc5:*:*:*:*:*:*\", \"matchCriteriaId\": \"3BCE7F05-607F-48E2-B371-FBDCA585561A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:codeaurora:android-msm:3.13:rc6:*:*:*:*:*:*\", \"matchCriteriaId\": \"177D555B-CD3B-4E3E-97BD-103AB2A6051A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:codeaurora:android-msm:3.13:rc7:*:*:*:*:*:*\", \"matchCriteriaId\": \"45A19E0E-D07B-43E6-B334-A7A3FE4367C5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:codeaurora:android-msm:3.13:rc8:*:*:*:*:*:*\", \"matchCriteriaId\": \"A8C0E4F9-F1B8-459B-9A4F-42164EBCFD61\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:codeaurora:android-msm:3.13.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0D220E16-C172-4A6A-971B-6B1B6CA6AA8F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:codeaurora:android-msm:3.13.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D45AF000-98BE-4C23-8E40-A8E202800DC7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:codeaurora:android-msm:3.14:rc1:*:*:*:*:*:*\", \"matchCriteriaId\": \"7E922227-ADB4-41CC-AC2E-10D0F9FD165E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:codeaurora:android-msm:3.14:rc2:*:*:*:*:*:*\", \"matchCriteriaId\": \"C0BED70D-0E2E-433A-A8B1-3418793969CD\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The genlock_dev_ioctl function in genlock.c in the Genlock driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted GENLOCK_IOC_EXPORT ioctl call.\"}, {\"lang\": \"es\", \"value\": \"La funci\\u00f3n genlock_dev_ioctl de genlock.c en el driver Genlock para el kernel de Linux 3.x, tal y como se usa en contribuciones de Android Qualcomm Innovation Center (QuIC) para dispositivos MSM y otros productos, no inicia adecuadamente una cierta estructura de datos, lo que permite a usuarios locales obtener informaci\\u00f3n sensible desde la memoria de pila del kernel a trav\\u00e9s de una llamada GENLOCK_IOC_EXPORT ioctl manipulada.\"}]",
      "id": "CVE-2013-6392",
      "lastModified": "2024-11-21T01:59:08.197",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:C/I:N/A:N\", \"baseScore\": 4.9, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 3.9, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2013-11-30T02:55:04.043",
      "references": "[{\"url\": \"http://openwall.com/lists/oss-security/2013/11/25/4\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://www.codeaurora.org/cgit/quic/la/kernel/msm/commit/drivers/base/genlock.c?id=e3c43027bdb59f03eec7ead0a01c77e4bf801625\u0026h=jb_3.2.3\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Patch\"]}, {\"url\": \"http://openwall.com/lists/oss-security/2013/11/25/4\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.codeaurora.org/cgit/quic/la/kernel/msm/commit/drivers/base/genlock.c?id=e3c43027bdb59f03eec7ead0a01c77e4bf801625\u0026h=jb_3.2.3\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\"]}]",
      "sourceIdentifier": "secalert@redhat.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-399\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2013-6392\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2013-11-30T02:55:04.043\",\"lastModified\":\"2025-04-11T00:51:21.963\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The genlock_dev_ioctl function in genlock.c in the Genlock driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted GENLOCK_IOC_EXPORT ioctl call.\"},{\"lang\":\"es\",\"value\":\"La funci\u00f3n genlock_dev_ioctl de genlock.c en el driver Genlock para el kernel de Linux 3.x, tal y como se usa en contribuciones de Android Qualcomm Innovation Center (QuIC) para dispositivos MSM y otros productos, no inicia adecuadamente una cierta estructura de datos, lo que permite a usuarios locales obtener informaci\u00f3n sensible desde la memoria de pila del kernel a trav\u00e9s de una llamada GENLOCK_IOC_EXPORT ioctl manipulada.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:N/A:N\",\"baseScore\":4.9,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-399\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:codeaurora:android-msm:3.2.54:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82BFCD06-425A-469F-BD52-56C78AB11D54\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:codeaurora:android-msm:3.4.72:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B2E29DBF-4869-41F8-85F6-091F1B34D8F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:codeaurora:android-msm:3.4.73:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D3B42C6-F8F7-493C-81AD-A112A207FC58\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:codeaurora:android-msm:3.4.74:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F7F6E06-C45C-47E5-B745-33B1A5083F43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:codeaurora:android-msm:3.4.75:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4C8DB4C3-3A34-496E-9422-3D7E1425B7D8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:codeaurora:android-msm:3.4.76:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B167417-35A9-42BA-874E-0B32EE44AFE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:codeaurora:android-msm:3.4.77:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F93FA4BD-DD95-4402-AC27-C1FB86469A52\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:codeaurora:android-msm:3.4.78:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF6C0F8A-CD4A-4B7C-84D2-79150FBAAFF5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:codeaurora:android-msm:3.4.79:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E392CFA9-C390-4F31-A826-5D2BE237FFD8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:codeaurora:android-msm:3.10.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FD74D1CD-DBA8-487D-AE08-F3565B12B5D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:codeaurora:android-msm:3.10.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A00D89D-63B9-425D-AF50-B274491FA470\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:codeaurora:android-msm:3.10.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F18C21F4-F5AB-49D0-8B77-6768337B391A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:codeaurora:android-msm:3.10.25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16CCD06D-0248-4802-8FAB-A8411F102078\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:codeaurora:android-msm:3.10.26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"08315601-ECBF-489B-8482-4D075ABB8B94\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:codeaurora:android-msm:3.10.27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"93FEF076-6924-4671-A7B4-619582B1F491\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:codeaurora:android-msm:3.10.28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0E89A6BA-599E-4C5F-B60F-FF8175A1EE57\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:codeaurora:android-msm:3.10.29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D0D9E5A-3D4D-41F3-85DE-AA029C0ED86F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:codeaurora:android-msm:3.12.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DC580424-3A41-4110-9CDD-C72B52FD360A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:codeaurora:android-msm:3.12.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A88D6F21-5D58-4BF2-A3DD-6E1C21A464E8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:codeaurora:android-msm:3.12.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5D16E881-C08D-4C23-BA7F-C2811EA65E6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:codeaurora:android-msm:3.12.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"677023A0-0628-41D0-99B7-CEF547DA7249\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:codeaurora:android-msm:3.12.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DD77E075-1B20-4EE2-A14F-49772963E589\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:codeaurora:android-msm:3.12.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E85620CE-8085-4FE9-B8FE-11585FB2C4AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:codeaurora:android-msm:3.12.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24FC9829-EF73-4FF6-B752-8EFB4223703A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:codeaurora:android-msm:3.12.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F416D6E-9CF0-47E3-BEF9-97571888FB47\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:codeaurora:android-msm:3.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5B7FC7D-3287-4B15-879E-321F663EB508\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:codeaurora:android-msm:3.13:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"D1A9A837-2771-4443-A18A-1CE2386FBBF6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:codeaurora:android-msm:3.13:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6016DD8-1AB1-43F9-9652-A47FD48861E0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:codeaurora:android-msm:3.13:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"23289CA4-3FE3-43E7-9793-3120928DD43D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:codeaurora:android-msm:3.13:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"631355B2-8B51-4F16-8733-9C54539E77C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:codeaurora:android-msm:3.13:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"3BCE7F05-607F-48E2-B371-FBDCA585561A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:codeaurora:android-msm:3.13:rc6:*:*:*:*:*:*\",\"matchCriteriaId\":\"177D555B-CD3B-4E3E-97BD-103AB2A6051A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:codeaurora:android-msm:3.13:rc7:*:*:*:*:*:*\",\"matchCriteriaId\":\"45A19E0E-D07B-43E6-B334-A7A3FE4367C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:codeaurora:android-msm:3.13:rc8:*:*:*:*:*:*\",\"matchCriteriaId\":\"A8C0E4F9-F1B8-459B-9A4F-42164EBCFD61\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:codeaurora:android-msm:3.13.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D220E16-C172-4A6A-971B-6B1B6CA6AA8F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:codeaurora:android-msm:3.13.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D45AF000-98BE-4C23-8E40-A8E202800DC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:codeaurora:android-msm:3.14:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E922227-ADB4-41CC-AC2E-10D0F9FD165E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:codeaurora:android-msm:3.14:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"C0BED70D-0E2E-433A-A8B1-3418793969CD\"}]}]}],\"references\":[{\"url\":\"http://openwall.com/lists/oss-security/2013/11/25/4\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://www.codeaurora.org/cgit/quic/la/kernel/msm/commit/drivers/base/genlock.c?id=e3c43027bdb59f03eec7ead0a01c77e4bf801625\u0026h=jb_3.2.3\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://openwall.com/lists/oss-security/2013/11/25/4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.codeaurora.org/cgit/quic/la/kernel/msm/commit/drivers/base/genlock.c?id=e3c43027bdb59f03eec7ead0a01c77e4bf801625\u0026h=jb_3.2.3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]}]}}"
  }
}

GSD-2013-6392

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2013-6392

Aliases

CVE-2013-6392

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2013-6392",
    "description": "The genlock_dev_ioctl function in genlock.c in the Genlock driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted GENLOCK_IOC_EXPORT ioctl call.",
    "id": "GSD-2013-6392"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2013-6392"
      ],
      "details": "The genlock_dev_ioctl function in genlock.c in the Genlock driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted GENLOCK_IOC_EXPORT ioctl call.",
      "id": "GSD-2013-6392",
      "modified": "2023-12-13T01:22:18.956713Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2013-6392",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "=",
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "The genlock_dev_ioctl function in genlock.c in the Genlock driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted GENLOCK_IOC_EXPORT ioctl call."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "http://openwall.com/lists/oss-security/2013/11/25/4",
            "refsource": "MISC",
            "url": "http://openwall.com/lists/oss-security/2013/11/25/4"
          },
          {
            "name": "https://www.codeaurora.org/cgit/quic/la/kernel/msm/commit/drivers/base/genlock.c?id=e3c43027bdb59f03eec7ead0a01c77e4bf801625\u0026h=jb_3.2.3",
            "refsource": "MISC",
            "url": "https://www.codeaurora.org/cgit/quic/la/kernel/msm/commit/drivers/base/genlock.c?id=e3c43027bdb59f03eec7ead0a01c77e4bf801625\u0026h=jb_3.2.3"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:codeaurora:android-msm:3.10.26:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:codeaurora:android-msm:3.10.27:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:codeaurora:android-msm:3.10.28:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:codeaurora:android-msm:3.10.29:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:codeaurora:android-msm:3.13:rc5:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:codeaurora:android-msm:3.13:rc6:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:codeaurora:android-msm:3.13:rc7:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:codeaurora:android-msm:3.13:rc8:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:codeaurora:android-msm:3.10.22:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:codeaurora:android-msm:3.10.24:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:codeaurora:android-msm:3.12.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:codeaurora:android-msm:3.12.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:codeaurora:android-msm:3.13:rc2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:codeaurora:android-msm:3.13:rc4:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:codeaurora:android-msm:3.13.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:codeaurora:android-msm:3.14:rc1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:codeaurora:android-msm:3.4.76:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:codeaurora:android-msm:3.4.78:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:codeaurora:android-msm:3.12.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:codeaurora:android-msm:3.12.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:codeaurora:android-msm:3.12.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:codeaurora:android-msm:3.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:codeaurora:android-msm:3.2.54:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:codeaurora:android-msm:3.4.72:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:codeaurora:android-msm:3.4.73:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:codeaurora:android-msm:3.4.74:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:codeaurora:android-msm:3.4.75:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:codeaurora:android-msm:3.10.23:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:codeaurora:android-msm:3.10.25:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:codeaurora:android-msm:3.12.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:codeaurora:android-msm:3.12.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:codeaurora:android-msm:3.12.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:codeaurora:android-msm:3.13:rc1:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:codeaurora:android-msm:3.13:rc3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:codeaurora:android-msm:3.13.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:codeaurora:android-msm:3.14:rc2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:codeaurora:android-msm:3.4.77:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:codeaurora:android-msm:3.4.79:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2013-6392"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "The genlock_dev_ioctl function in genlock.c in the Genlock driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted GENLOCK_IOC_EXPORT ioctl call."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-399"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.codeaurora.org/cgit/quic/la/kernel/msm/commit/drivers/base/genlock.c?id=e3c43027bdb59f03eec7ead0a01c77e4bf801625\u0026h=jb_3.2.3",
              "refsource": "CONFIRM",
              "tags": [
                "Patch"
              ],
              "url": "https://www.codeaurora.org/cgit/quic/la/kernel/msm/commit/drivers/base/genlock.c?id=e3c43027bdb59f03eec7ead0a01c77e4bf801625\u0026h=jb_3.2.3"
            },
            {
              "name": "[oss-security] 20131125 Re: CVE request: Kernel MSM - Memory leak in drivers/base/genlock.c",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://openwall.com/lists/oss-security/2013/11/25/4"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.9,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2014-03-05T18:29Z",
      "publishedDate": "2013-11-30T02:55Z"
    }
  }
}

FKIE_CVE-2013-6392

Vulnerability from fkie_nvd - Published: 2013-11-30 02:55 - Updated: 2025-04-11 00:51

Severity ?

Summary

References

URL	Tags
secalert@redhat.com	http://openwall.com/lists/oss-security/2013/11/25/4
secalert@redhat.com	https://www.codeaurora.org/cgit/quic/la/kernel/msm/commit/drivers/base/genlock.c?id=e3c43027bdb59f03eec7ead0a01c77e4bf801625&h=jb_3.2.3	Patch
af854a3a-2127-422b-91ae-364da2661108	http://openwall.com/lists/oss-security/2013/11/25/4
af854a3a-2127-422b-91ae-364da2661108	https://www.codeaurora.org/cgit/quic/la/kernel/msm/commit/drivers/base/genlock.c?id=e3c43027bdb59f03eec7ead0a01c77e4bf801625&h=jb_3.2.3	Patch

Impacted products

Vendor	Product	Version
codeaurora	android-msm	3.2.54
codeaurora	android-msm	3.4.72
codeaurora	android-msm	3.4.73
codeaurora	android-msm	3.4.74
codeaurora	android-msm	3.4.75
codeaurora	android-msm	3.4.76
codeaurora	android-msm	3.4.77
codeaurora	android-msm	3.4.78
codeaurora	android-msm	3.4.79
codeaurora	android-msm	3.10.22
codeaurora	android-msm	3.10.23
codeaurora	android-msm	3.10.24
codeaurora	android-msm	3.10.25
codeaurora	android-msm	3.10.26
codeaurora	android-msm	3.10.27
codeaurora	android-msm	3.10.28
codeaurora	android-msm	3.10.29
codeaurora	android-msm	3.12.3
codeaurora	android-msm	3.12.4
codeaurora	android-msm	3.12.5
codeaurora	android-msm	3.12.6
codeaurora	android-msm	3.12.7
codeaurora	android-msm	3.12.8
codeaurora	android-msm	3.12.9
codeaurora	android-msm	3.12.10
codeaurora	android-msm	3.13
codeaurora	android-msm	3.13
codeaurora	android-msm	3.13
codeaurora	android-msm	3.13
codeaurora	android-msm	3.13
codeaurora	android-msm	3.13
codeaurora	android-msm	3.13
codeaurora	android-msm	3.13
codeaurora	android-msm	3.13
codeaurora	android-msm	3.13.1
codeaurora	android-msm	3.13.2
codeaurora	android-msm	3.14
codeaurora	android-msm	3.14

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:codeaurora:android-msm:3.2.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "82BFCD06-425A-469F-BD52-56C78AB11D54",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:codeaurora:android-msm:3.4.72:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2E29DBF-4869-41F8-85F6-091F1B34D8F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:codeaurora:android-msm:3.4.73:*:*:*:*:*:*:*",
              "matchCriteriaId": "6D3B42C6-F8F7-493C-81AD-A112A207FC58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:codeaurora:android-msm:3.4.74:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F7F6E06-C45C-47E5-B745-33B1A5083F43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:codeaurora:android-msm:3.4.75:*:*:*:*:*:*:*",
              "matchCriteriaId": "4C8DB4C3-3A34-496E-9422-3D7E1425B7D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:codeaurora:android-msm:3.4.76:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B167417-35A9-42BA-874E-0B32EE44AFE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:codeaurora:android-msm:3.4.77:*:*:*:*:*:*:*",
              "matchCriteriaId": "F93FA4BD-DD95-4402-AC27-C1FB86469A52",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:codeaurora:android-msm:3.4.78:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF6C0F8A-CD4A-4B7C-84D2-79150FBAAFF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:codeaurora:android-msm:3.4.79:*:*:*:*:*:*:*",
              "matchCriteriaId": "E392CFA9-C390-4F31-A826-5D2BE237FFD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:codeaurora:android-msm:3.10.22:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD74D1CD-DBA8-487D-AE08-F3565B12B5D3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:codeaurora:android-msm:3.10.23:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A00D89D-63B9-425D-AF50-B274491FA470",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:codeaurora:android-msm:3.10.24:*:*:*:*:*:*:*",
              "matchCriteriaId": "F18C21F4-F5AB-49D0-8B77-6768337B391A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:codeaurora:android-msm:3.10.25:*:*:*:*:*:*:*",
              "matchCriteriaId": "16CCD06D-0248-4802-8FAB-A8411F102078",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:codeaurora:android-msm:3.10.26:*:*:*:*:*:*:*",
              "matchCriteriaId": "08315601-ECBF-489B-8482-4D075ABB8B94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:codeaurora:android-msm:3.10.27:*:*:*:*:*:*:*",
              "matchCriteriaId": "93FEF076-6924-4671-A7B4-619582B1F491",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:codeaurora:android-msm:3.10.28:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E89A6BA-599E-4C5F-B60F-FF8175A1EE57",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:codeaurora:android-msm:3.10.29:*:*:*:*:*:*:*",
              "matchCriteriaId": "1D0D9E5A-3D4D-41F3-85DE-AA029C0ED86F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:codeaurora:android-msm:3.12.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC580424-3A41-4110-9CDD-C72B52FD360A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:codeaurora:android-msm:3.12.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "A88D6F21-5D58-4BF2-A3DD-6E1C21A464E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:codeaurora:android-msm:3.12.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D16E881-C08D-4C23-BA7F-C2811EA65E6D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:codeaurora:android-msm:3.12.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "677023A0-0628-41D0-99B7-CEF547DA7249",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:codeaurora:android-msm:3.12.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD77E075-1B20-4EE2-A14F-49772963E589",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:codeaurora:android-msm:3.12.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "E85620CE-8085-4FE9-B8FE-11585FB2C4AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:codeaurora:android-msm:3.12.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "24FC9829-EF73-4FF6-B752-8EFB4223703A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:codeaurora:android-msm:3.12.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F416D6E-9CF0-47E3-BEF9-97571888FB47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:codeaurora:android-msm:3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5B7FC7D-3287-4B15-879E-321F663EB508",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:codeaurora:android-msm:3.13:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "D1A9A837-2771-4443-A18A-1CE2386FBBF6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:codeaurora:android-msm:3.13:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "E6016DD8-1AB1-43F9-9652-A47FD48861E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:codeaurora:android-msm:3.13:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "23289CA4-3FE3-43E7-9793-3120928DD43D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:codeaurora:android-msm:3.13:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "631355B2-8B51-4F16-8733-9C54539E77C8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:codeaurora:android-msm:3.13:rc5:*:*:*:*:*:*",
              "matchCriteriaId": "3BCE7F05-607F-48E2-B371-FBDCA585561A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:codeaurora:android-msm:3.13:rc6:*:*:*:*:*:*",
              "matchCriteriaId": "177D555B-CD3B-4E3E-97BD-103AB2A6051A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:codeaurora:android-msm:3.13:rc7:*:*:*:*:*:*",
              "matchCriteriaId": "45A19E0E-D07B-43E6-B334-A7A3FE4367C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:codeaurora:android-msm:3.13:rc8:*:*:*:*:*:*",
              "matchCriteriaId": "A8C0E4F9-F1B8-459B-9A4F-42164EBCFD61",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:codeaurora:android-msm:3.13.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D220E16-C172-4A6A-971B-6B1B6CA6AA8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:codeaurora:android-msm:3.13.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D45AF000-98BE-4C23-8E40-A8E202800DC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:codeaurora:android-msm:3.14:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "7E922227-ADB4-41CC-AC2E-10D0F9FD165E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:codeaurora:android-msm:3.14:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "C0BED70D-0E2E-433A-A8B1-3418793969CD",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The genlock_dev_ioctl function in genlock.c in the Genlock driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted GENLOCK_IOC_EXPORT ioctl call."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n genlock_dev_ioctl de genlock.c en el driver Genlock para el kernel de Linux 3.x, tal y como se usa en contribuciones de Android Qualcomm Innovation Center (QuIC) para dispositivos MSM y otros productos, no inicia adecuadamente una cierta estructura de datos, lo que permite a usuarios locales obtener informaci\u00f3n sensible desde la memoria de pila del kernel a trav\u00e9s de una llamada GENLOCK_IOC_EXPORT ioctl manipulada."
    }
  ],
  "id": "CVE-2013-6392",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.9,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:C/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2013-11-30T02:55:04.043",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://openwall.com/lists/oss-security/2013/11/25/4"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Patch"
      ],
      "url": "https://www.codeaurora.org/cgit/quic/la/kernel/msm/commit/drivers/base/genlock.c?id=e3c43027bdb59f03eec7ead0a01c77e4bf801625\u0026h=jb_3.2.3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://openwall.com/lists/oss-security/2013/11/25/4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "https://www.codeaurora.org/cgit/quic/la/kernel/msm/commit/drivers/base/genlock.c?id=e3c43027bdb59f03eec7ead0a01c77e4bf801625\u0026h=jb_3.2.3"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-399"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-VMH8-JGCF-H9P2

Vulnerability from github – Published: 2022-05-17 04:51 – Updated: 2022-05-17 04:51

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2013-6392"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2013-11-30T02:55:00Z",
    "severity": "MODERATE"
  },
  "details": "The genlock_dev_ioctl function in genlock.c in the Genlock driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted GENLOCK_IOC_EXPORT ioctl call.",
  "id": "GHSA-vmh8-jgcf-h9p2",
  "modified": "2022-05-17T04:51:14Z",
  "published": "2022-05-17T04:51:14Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2013-6392"
    },
    {
      "type": "WEB",
      "url": "https://www.codeaurora.org/cgit/quic/la/kernel/msm/commit/drivers/base/genlock.c?id=e3c43027bdb59f03eec7ead0a01c77e4bf801625\u0026h=jb_3.2.3"
    },
    {
      "type": "WEB",
      "url": "http://openwall.com/lists/oss-security/2013/11/25/4"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2013-6392 (GCVE-0-2013-6392)

GSD-2013-6392

FKIE_CVE-2013-6392

GHSA-VMH8-JGCF-H9P2

Tags

Sightings

Nomenclature