CVE-2013-2598

Name of the Vulnerable Software and Affected Versions Little Kernel (LK) bootloader (affected versions not specified)

Description The issue allows attackers to overwrite signature-verification code by crafting boot-image load-destination header values that specify memory locations within bootloader memory. This is related to the app/aboot/aboot.c component in the Little Kernel (LK) bootloader, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.