Launchpad.net

CVE 2013-4736

Multiple integer overflows in the JPEG engine drivers in the MSM camera driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to cause a denial of service (system crash) via a large number of commands in an ioctl call, related to (1) camera_v1/gemini/msm_gemini_sync.c, (2) camera_v2/gemini/msm_gemini_sync.c, (3) camera_v2/jpeg_10/msm_jpeg_sync.c, (4) gemini/msm_gemini_sync.c, (5) jpeg_10/msm_jpeg_sync.c, and (6) mercury/msm_mercury_sync.c.

Related bugs and status

CVE-2013-4736 (Candidate) is related to these bugs:

Bug #1279982: CVE-2013-4736

		In	Importance	Status
1279982	CVE-2013-4736	linux (Ubuntu)	Low	Invalid
1279982	CVE-2013-4736	linux-fsl-imx51 (Ubuntu)	Low	Invalid
1279982	CVE-2013-4736	linux-mvl-dove (Ubuntu)	Low	Invalid
1279982	CVE-2013-4736	linux-lts-backport-maverick (Ubuntu)	Undecided	Won't Fix
1279982	CVE-2013-4736	linux-lts-backport-natty (Ubuntu)	Undecided	Won't Fix
1279982	CVE-2013-4736	linux-ti-omap4 (Ubuntu)	Low	Invalid
1279982	CVE-2013-4736	linux-ec2 (Ubuntu)	Low	Invalid
1279982	CVE-2013-4736	linux (Ubuntu Trusty)	Low	Invalid
1279982	CVE-2013-4736	linux-ec2 (Ubuntu Trusty)	Low	Invalid
1279982	CVE-2013-4736	linux-fsl-imx51 (Ubuntu Trusty)	Low	Invalid
1279982	CVE-2013-4736	linux-lts-backport-maverick (Ubuntu Trusty)	Undecided	Won't Fix
1279982	CVE-2013-4736	linux-lts-backport-natty (Ubuntu Trusty)	Undecided	Won't Fix
1279982	CVE-2013-4736	linux-mvl-dove (Ubuntu Trusty)	Low	Invalid
1279982	CVE-2013-4736	linux-ti-omap4 (Ubuntu Trusty)	Low	Invalid
1279982	CVE-2013-4736	linux-lts-backport-maverick (Ubuntu Saucy)	Undecided	Won't Fix
1279982	CVE-2013-4736	linux-lts-backport-natty (Ubuntu Saucy)	Undecided	Won't Fix
1279982	CVE-2013-4736	linux-lts-backport-maverick (Ubuntu Quantal)	Undecided	Won't Fix
1279982	CVE-2013-4736	linux-lts-backport-natty (Ubuntu Quantal)	Undecided	Won't Fix
1279982	CVE-2013-4736	linux (Ubuntu Precise)	Low	Invalid
1279982	CVE-2013-4736	linux-ec2 (Ubuntu Precise)	Low	Invalid
1279982	CVE-2013-4736	linux-fsl-imx51 (Ubuntu Precise)	Low	Invalid
1279982	CVE-2013-4736	linux-lts-backport-maverick (Ubuntu Precise)	Undecided	Won't Fix
1279982	CVE-2013-4736	linux-lts-backport-natty (Ubuntu Precise)	Undecided	Won't Fix
1279982	CVE-2013-4736	linux-mvl-dove (Ubuntu Precise)	Low	Invalid
1279982	CVE-2013-4736	linux-ti-omap4 (Ubuntu Precise)	Low	Invalid
1279982	CVE-2013-4736	linux-lts-backport-maverick (Ubuntu Lucid)	Undecided	Won't Fix
1279982	CVE-2013-4736	linux-lts-backport-natty (Ubuntu Lucid)	Undecided	Won't Fix
1279982	CVE-2013-4736	linux-armadaxp (Ubuntu)	Low	Invalid
1279982	CVE-2013-4736	linux-armadaxp (Ubuntu Precise)	Low	Invalid
1279982	CVE-2013-4736	linux-armadaxp (Ubuntu Trusty)	Low	Invalid
1279982	CVE-2013-4736	linux-lts-saucy (Ubuntu)	Low	Invalid
1279982	CVE-2013-4736	linux-lts-saucy (Ubuntu Precise)	Low	Invalid
1279982	CVE-2013-4736	linux-lts-saucy (Ubuntu Trusty)	Low	Invalid
1279982	CVE-2013-4736	linux-lts-quantal (Ubuntu)	Low	Invalid
1279982	CVE-2013-4736	linux-lts-quantal (Ubuntu Precise)	Low	Invalid
1279982	CVE-2013-4736	linux-lts-quantal (Ubuntu Trusty)	Low	Invalid
1279982	CVE-2013-4736	linux-lts-raring (Ubuntu)	Low	Invalid
1279982	CVE-2013-4736	linux-lts-raring (Ubuntu Precise)	Low	Won't Fix
1279982	CVE-2013-4736	linux-lts-raring (Ubuntu Trusty)	Low	Invalid
1279982	CVE-2013-4736	linux-lts-trusty (Ubuntu)	Low	Invalid
1279982	CVE-2013-4736	linux-lts-trusty (Ubuntu Precise)	Low	Invalid
1279982	CVE-2013-4736	linux-lts-trusty (Ubuntu Trusty)	Low	Invalid
1279982	CVE-2013-4736	linux-lts-backport-maverick (Ubuntu Utopic)	Undecided	Won't Fix
1279982	CVE-2013-4736	linux-lts-backport-natty (Ubuntu Utopic)	Undecided	Won't Fix
1279982	CVE-2013-4736	linux (Ubuntu Vivid)	Low	Invalid
1279982	CVE-2013-4736	linux-armadaxp (Ubuntu Vivid)	Low	Invalid
1279982	CVE-2013-4736	linux-ec2 (Ubuntu Vivid)	Low	Invalid
1279982	CVE-2013-4736	linux-fsl-imx51 (Ubuntu Vivid)	Low	Invalid
1279982	CVE-2013-4736	linux-lts-backport-maverick (Ubuntu Vivid)	Undecided	Won't Fix
1279982	CVE-2013-4736	linux-lts-backport-natty (Ubuntu Vivid)	Undecided	Won't Fix
1279982	CVE-2013-4736	linux-lts-quantal (Ubuntu Vivid)	Low	Invalid
1279982	CVE-2013-4736	linux-lts-raring (Ubuntu Vivid)	Low	Invalid
1279982	CVE-2013-4736	linux-lts-saucy (Ubuntu Vivid)	Low	Invalid
1279982	CVE-2013-4736	linux-lts-trusty (Ubuntu Vivid)	Low	Invalid
1279982	CVE-2013-4736	linux-mvl-dove (Ubuntu Vivid)	Low	Invalid
1279982	CVE-2013-4736	linux-ti-omap4 (Ubuntu Vivid)	Low	Invalid
1279982	CVE-2013-4736	linux-goldfish (Ubuntu)	Low	Invalid
1279982	CVE-2013-4736	linux-goldfish (Ubuntu Precise)	Low	Invalid
1279982	CVE-2013-4736	linux-goldfish (Ubuntu Trusty)	Low	Invalid
1279982	CVE-2013-4736	linux-goldfish (Ubuntu Vivid)	Low	Invalid
1279982	CVE-2013-4736	linux-flo (Ubuntu)	Low	New
1279982	CVE-2013-4736	linux-flo (Ubuntu Precise)	Low	Invalid
1279982	CVE-2013-4736	linux-flo (Ubuntu Trusty)	Low	Invalid
1279982	CVE-2013-4736	linux-flo (Ubuntu Vivid)	Low	New
1279982	CVE-2013-4736	linux-mako (Ubuntu)	Low	New
1279982	CVE-2013-4736	linux-mako (Ubuntu Precise)	Low	Invalid
1279982	CVE-2013-4736	linux-mako (Ubuntu Trusty)	Low	Invalid
1279982	CVE-2013-4736	linux-mako (Ubuntu Vivid)	Low	New
1279982	CVE-2013-4736	linux-lts-utopic (Ubuntu)	Low	Invalid
1279982	CVE-2013-4736	linux-lts-utopic (Ubuntu Precise)	Low	Invalid
1279982	CVE-2013-4736	linux-lts-utopic (Ubuntu Trusty)	Low	Invalid
1279982	CVE-2013-4736	linux-lts-utopic (Ubuntu Vivid)	Low	Invalid
1279982	CVE-2013-4736	linux-manta (Ubuntu)	Low	Invalid
1279982	CVE-2013-4736	linux-manta (Ubuntu Precise)	Low	Invalid
1279982	CVE-2013-4736	linux-manta (Ubuntu Trusty)	Low	Invalid

See the

CVE page on Mitre.org for more details.

References

CONFIRM: https://www.codeaurora...