CVE-2013-6124

Published: Aug 31, 2014

Modified: Aug 6, 2024

PUBLISHED

Description

The Qualcomm Innovation Center (QuIC) init scripts in Code Aurora Forum (CAF) releases of Android 4.1.x through 4.4.x allow local users to modify file metadata via a symlink attack on a file accessed by a (1) chown or (2) chmod command, as demonstrated by changing the permissions of an arbitrary file via an attack on the sensor-settings file.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://www.codeaurora.org/projects/security-advisories/insecure-owner-permission-changes-init-shell-scripts-cve-2013-6124

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2013-6124

Description

Affected Products

References