← Back to CVEs
CVE-2013-2597
HIGHCISA KEV8.4
Description
Stack-based buffer overflow in the acdb_ioctl function in audio_acdb.c in the acdb audio driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges via an application that leverages /dev/msm_acdb access and provides a large size value in an ioctl argument.
CVE Details
CVSS v3.1 Score8.4
SeverityHIGH
CVSS VectorCVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack VectorLOCAL
ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
Published8/31/2014
Last Modified4/22/2026
Sourcekev
Honeypot Sightings0
CISA KEV
VendorCode Aurora
ProductACDB Audio Driver
Vulnerability NameCode Aurora ACDB Audio Driver Stack-based Buffer Overflow Vulnerability
KEV Date Added2022-09-15
Remediation Due Date2022-10-06
Ransomware UseUnknown
Affected Products
codeaurora:android-msm
Weaknesses (CWE)
CWE-121
References
https://www.codeaurora.org/projects/security-advisories/stack-based-buffer-overflow-acdb-audio-driver-cve-2013-2597(cve@mitre.org)
https://www.codeaurora.org/projects/security-advisories/stack-based-buffer-overflow-acdb-audio-driver-cve-2013-2597(af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2013-2597(134c704f-9b21-4f2e-91b3-4a467353bcc0)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.