CVE-2012-4220

diagchar_core.c in the Qualcomm Innovation Center (QuIC) Diagnostics (aka DIAG) kernel-mode driver for Android 2.3 through 4.2 allows attackers to execute arbitrary code or cause a denial of service (incorrect pointer dereference) via an application that uses crafted arguments in a local diagchar_ioctl call.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 94%
VendorProductVersion
googleandroid
2.3
googleandroid
2.3:rev1
googleandroid
2.3.1
googleandroid
2.3.2
googleandroid
2.3.3
googleandroid
2.3.4
googleandroid
2.3.5
googleandroid
2.3.6
googleandroid
2.3.7
googleandroid
3.0
googleandroid
3.1
googleandroid
3.2
googleandroid
3.2.1
googleandroid
3.2.2
googleandroid
3.2.4
googleandroid
3.2.6
googleandroid
4.0
googleandroid
4.0.1
googleandroid
4.0.2
googleandroid
4.0.3
googleandroid
4.0.4
googleandroid
4.1
googleandroid
4.2
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.226-1
fixed
bookworm
6.1.106-3
fixed
bookworm (security)
6.1.112-1
fixed
trixie
6.11.5-1
fixed
sid
6.11.6-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
linux
quantal
not-affected
precise
not-affected
oneiric
not-affected
lucid
not-affected
hardy
not-affected
linux-armadaxp
quantal
not-affected
precise
not-affected
oneiric
dne
lucid
dne
hardy
dne
linux-ec2
quantal
dne
precise
dne
oneiric
dne
lucid
not-affected
hardy
dne
linux-fsl-imx51
quantal
dne
precise
dne
oneiric
dne
lucid
ignored
hardy
dne
linux-linaro-omap
quantal
ignored
precise
ignored
oneiric
ignored
lucid
dne
hardy
dne
linux-linaro-shared
quantal
ignored
precise
ignored
oneiric
ignored
lucid
dne
hardy
dne
linux-linaro-vexpress
quantal
ignored
precise
ignored
oneiric
ignored
lucid
dne
hardy
dne
linux-lts-backport-maverick
quantal
dne
precise
dne
oneiric
dne
lucid
ignored
hardy
dne
linux-lts-backport-oneiric
quantal
dne
precise
dne
oneiric
dne
lucid
not-affected
hardy
dne
linux-lts-quantal
quantal
dne
precise
not-affected
oneiric
dne
lucid
dne
hardy
dne
linux-mvl-dove
quantal
dne
precise
dne
oneiric
dne
lucid
ignored
hardy
dne
linux-qcm-msm
quantal
ignored
precise
ignored
oneiric
ignored
lucid
ignored
hardy
dne
linux-ti-omap4
quantal
not-affected
precise
not-affected
oneiric
not-affected
lucid
dne
hardy
dne
References
http://www.kb.cert.org/vuls/id/702452
https://www.codeaurora.org/projects/security-advisories/multiple-issues-diagkgsl-system-call-handling-cve-2012-4220-cve-2012
http://www.kb.cert.org/vuls/id/702452
https://www.codeaurora.org/projects/security-advisories/multiple-issues-diagkgsl-system-call-handling-cve-2012-4220-cve-2012