CVE-2013-4737

Published: Feb 15, 2014Modified: Apr 29, 2026

9.3

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploitability: 8.6 / Impact: 10.0

Source: NVD

Description

The CONFIG_STRICT_MEMORY_RWX implementation for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly consider certain memory sections, which makes it easier for attackers to bypass intended access restrictions by leveraging the presence of RWX memory at a fixed location.

Affected (1)

Products: Qualcomm: Quic Mobile Station Modem Kernel

1 product

Quic Mobile Station Modem Kernel

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Qualcomm Quic Mobile Station Modem Kernel	Version 3.10

Related CWEs

References (2)

https://www.codeaurora.org/projects/security-advisories/configstrictmemoryrwx-not-strictly-enforced-cve-2013-4737

Source: cve@mitre.org

PatchVendor Advisory

https://www.codeaurora.org/projects/security-advisories/configstrictmemoryrwx-not-strictly-enforced-cve-2013-4737

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.