{
  "name" : "Qualcomm missing checks put_user get_user",
  "CVE" : [["CVE-2013-6282","QCIR-2013-00010-1"]],
  "Coordinated_disclosure" : "false",
  "Categories" : ["kernel"],
  "Details" : [["Missing access checks in put_user/get_user kernel API (CVE-2013-6282 QCIR-2013-00010-1): The get_user and put_user API functions of the Linux kernel fail to validate the target address when being used on ARM v6k/v7 platforms. This functionality was originally implemented and controlled by the domain switching feature (CONFIG_CPU_USE_DOMAINS), which has been deprecated due to architectural changes. As a result, any kernel code using these API functions may introduce a security issue where none existed before. This allows an application to read and write kernel memory to, e.g., escalated privileges.","QCIR-2013-00010-1"]],
  "Discovered_by" : [["Unknown, used in vroot exploit","QCIR-2013-00010-1"]],
  "Discovered_on" : [{"date":"2013-09-06","bound":"before","ref":"xda-developers-vroot"}],
  "Submission" : [{"by":"drt24","on":"2013-11-20"}],
  "Reported_on" : [["2013-09-06","xda-developers-vroot"]],
  "Fixed_on" : [["2012-09-07","msm-check_user_pointer-patch"],["2013-07-15","msm-check_user_pointer-patch"]],
  "Fix_released_on" : [],
  "Affected_versions" : [],
  "Affected_devices" : [],
  "Affected_versions_regexp" : [],
  "Affected_manufacturers" : [["Qualcomm","QCIR-2013-00010-1"]],
  "Fixed_versions" : [],
  "references" : {
    "QCIR-2013-00010-1" : {
      "url" : "https://www.codeaurora.org/projects/security-advisories/missing-access-checks-putusergetuser-kernel-api-cve-2013-6282",
      "archiveurl" : "https://web.archive.org/web/20170321200949/https://www.codeaurora.org/projects/security-advisories/missing-access-checks-putusergetuser-kernel-api-cve-2013-6282"
    },
    "xda-developers-vroot" : {
      "url" : "http://forum.xda-developers.com/showthread.php?t=2434453"
    },
    "msm-check_user_pointer-patch" : {
      "url" : "https://www.codeaurora.org/cgit/quic/la/kernel/msm/commit/?id=76565e3d786bed66f247c682bd9f591098522483",
      "component" : "quic/la/kernel/msm",
      "commit" : "76565e3d786bed66f247c682bd9f591098522483"
    }
  },
  "Surface": ["local", "app"],
  "Vector": ["memory-corruption"],
  "Target": ["kernel"],
  "Channel": ["app-execution"],
  "Condition": ["affected-app-installed", "app-uses-vulnerable-api-functions"],
  "Privilege": ["kernel"]
}