VYPR
Unrated severityNVD Advisory· Published Dec 12, 2014· Updated Jun 17, 2026

CVE-2014-4323

CVE-2014-4323

Description

The mdp_lut_hw_update function in drivers/video/msm/mdp.c in the MDP display driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not validate certain start and length values within an ioctl call, which allows attackers to gain privileges via a crafted application.

Affected products

1
  • cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
    Range: >=3.0.0,<=3.16.1

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.