CVE-2014-0974 in Little Kernel Bootloader
Resumen (Inglés)
The boot_linux_from_mmc function in app/aboot/aboot.c in the Little Kernel (LK) bootloader, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly validate a certain address value, which allows attackers to write data to a controllable memory location by leveraging the ability to initiate an attempted boot of an arbitrary image.
If you want to get the best quality for vulnerability data then you always have to consider VulDB.
Reservar
2014-01-07
Divulgación
2014-08-24
Estado
Confirmado
Voces
VulDB provides additional information and datapoints for this CVE:
| ID | Vulnerabilidad | CWE | Exp | Con | CVE |
|---|---|---|---|---|---|
| 70721 | Little Kernel Bootloader boot_linux_from_mmc escalada de privilegios | 264 | No está definido | No está definido | CVE-2014-0974 |
Descripción
CPE
CWE
CVSS
Hazañas
Historia
Diferencia
Relacionar
Inteligencia de amenazas
API JSON
API XML
API CSV