CVE-2013-2595

Name of the Vulnerable Software and Affected Versions Linux kernel versions 2.6.x through 3.x

Description The issue concerns the device-initialization functionality in the MSM camera driver, which allows for an unrestricted mmap interface via MSM CAM IOCTL SET MEM MAP INFO ioctl calls. This enables attackers to gain privileges by using a crafted application.

Recommendations For Linux kernel versions 2.6.x through 3.x, consider restricting access to the MSM CAM IOCTL SET MEM MAP INFO ioctl calls to minimize the risk of exploitation. As a temporary workaround, disabling the mmap interface for the MSM camera driver may help until a more permanent solution is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.