CVE-2012-4221

EUVD-2012-4165
Integer overflow in diagchar_core.c in the Qualcomm Innovation Center (QuIC) Diagnostics (aka DIAG) kernel-mode driver for Android 2.3 through 4.2 allows attackers to execute arbitrary code or cause a denial of service via an application that uses crafted arguments in a local diagchar_ioctl call.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 68%
Affected Products (NVD)
VendorProductVersion
googleandroid
2.3
googleandroid
2.3:rev1
googleandroid
2.3.1
googleandroid
2.3.2
googleandroid
2.3.3
googleandroid
2.3.4
googleandroid
2.3.5
googleandroid
2.3.6
googleandroid
2.3.7
googleandroid
3.0
googleandroid
3.1
googleandroid
3.2
googleandroid
3.2.1
googleandroid
3.2.2
googleandroid
3.2.4
googleandroid
3.2.6
googleandroid
4.0
googleandroid
4.0.1
googleandroid
4.0.2
googleandroid
4.0.3
googleandroid
4.0.4
googleandroid
4.1
googleandroid
4.2
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
6.1.106-3
fixed
bookworm (security)
6.1.112-1
fixed
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.226-1
fixed
sid
6.11.6-1
fixed
trixie
6.11.5-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
linux
hardy
not-affected
lucid
not-affected
oneiric
not-affected
precise
not-affected
quantal
not-affected
linux-armadaxp
hardy
dne
lucid
dne
oneiric
dne
precise
not-affected
quantal
not-affected
linux-ec2
hardy
dne
lucid
not-affected
oneiric
dne
precise
dne
quantal
dne
linux-fsl-imx51
hardy
dne
lucid
ignored
oneiric
dne
precise
dne
quantal
dne
linux-linaro-omap
hardy
dne
lucid
dne
oneiric
ignored
precise
ignored
quantal
ignored
linux-linaro-shared
hardy
dne
lucid
dne
oneiric
ignored
precise
ignored
quantal
ignored
linux-linaro-vexpress
hardy
dne
lucid
dne
oneiric
ignored
precise
ignored
quantal
ignored
linux-lts-backport-maverick
hardy
dne
lucid
ignored
oneiric
dne
precise
dne
quantal
dne
linux-lts-backport-oneiric
hardy
dne
lucid
not-affected
oneiric
dne
precise
dne
quantal
dne
linux-lts-quantal
hardy
dne
lucid
dne
oneiric
dne
precise
not-affected
quantal
dne
linux-mvl-dove
hardy
dne
lucid
ignored
oneiric
dne
precise
dne
quantal
dne
linux-qcm-msm
hardy
dne
lucid
ignored
oneiric
ignored
precise
ignored
quantal
ignored
linux-ti-omap4
hardy
dne
lucid
dne
oneiric
not-affected
precise
not-affected
quantal
not-affected
Common Weakness Enumeration
References
http://www.kb.cert.org/vuls/id/702452
https://www.codeaurora.org/projects/security-advisories/multiple-issues-diagkgsl-system-call-handling-cve-2012-4220-cve-2012
http://www.kb.cert.org/vuls/id/702452
https://www.codeaurora.org/projects/security-advisories/multiple-issues-diagkgsl-system-call-handling-cve-2012-4220-cve-2012