CVE-2014-0974 in Little Kernel Bootloader
摘要 (英语)
The boot_linux_from_mmc function in app/aboot/aboot.c in the Little Kernel (LK) bootloader, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly validate a certain address value, which allows attackers to write data to a controllable memory location by leveraging the ability to initiate an attempted boot of an arbitrary image.
预定
2014-01-07
披露
2014-08-24
条目
VulDB provides additional information and datapoints for this CVE:
| 标识符 | 漏洞 | CWE | 可利用 | 对策 | CVE |
|---|---|---|---|---|---|
| 70721 | Little Kernel Bootloader boot_linux_from_mmc 权限提升 | 264 | 未定义 | 未定义 | CVE-2014-0974 |