CVE-2013-4738

CVE Database · CVE-2013-4738

CVE-2013-4738

· N/AModified

CVSS v3.1

N/A

EPSS

0.27%

Published

Feb 3, 2014

Modified

Apr 28, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Multiple stack-based buffer overflows in the MSM camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to gain privileges via (1) a crafted VIDIOC_MSM_VPE_DEQUEUE_STREAM_BUFF_INFO ioctl call, related to drivers/media/platform/msm/camera_v2/pproc/vpe/msm_vpe.c, or (2) a crafted VIDIOC_MSM_CPP_DEQUEUE_STREAM_BUFF_INFO ioctl call, related to drivers/media/platform/msm/camera_v2/pproc/cpp/msm_cpp.c.

Weaknesses (CWE)

CWE-119

Affected Products (2)

codeaurora · android-msmvulnerable

qualcomm · quic_mobile_station_modem_kernelvulnerable

References (4)

http://www.openwall.com/lists/oss-security/2013/10/15/4

https://www.codeaurora.org/projects/security-advisories/stack-based-buffer-overflow-and-memory-disclosure-camera-driver-cve-2013-4748-cve-2013-4739

Vendor Advisory

http://www.openwall.com/lists/oss-security/2013/10/15/4

https://www.codeaurora.org/projects/security-advisories/stack-based-buffer-overflow-and-memory-disclosure-camera-driver-cve-2013-4748-cve-2013-4739

Vendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs