The TrustZone kernel, when used in conjunction with a certain Motorola build of Android 4.1.2, on Motorola Razr HD, Razr M, and Atrix HD devices with the Qualcomm MSM8960 chipset does not verify the association between a certain physical-address argument and a memory region, which allows local users to unlock the bootloader by using kernel mode to perform crafted 0x9 and 0x2 SMC operations, a different vulnerability than CVE-2013-2596.
Max CVSS
6.2
EPSS Score
0.07%
Published
2013-04-13
Updated
2013-04-15
CVE-2013-2596
Known exploited
Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted /dev/graphics/fb0 mmap2 system calls, as demonstrated by the Motochopper pwn program.
Max CVSS
6.9
EPSS Score
0.90%
Published
2013-04-13
Updated
2023-08-11
CISA KEV Added
2022-09-15
2 vulnerabilities found