UBUNTU-CVE-2014-0972

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2014-0972

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2014/UBUNTU-CVE-2014-0972.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2014-0972

Related

CVE-2014-0972

Withdrawn

2025-06-23T15:52:37Z

Published

2014-08-01T11:13:00Z

Modified

2025-01-13T10:21:05Z

Summary

[none]

Details

The kgsl graphics driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not properly prevent write access to IOMMU context registers, which allows local users to select a custom page table, and consequently write to arbitrary memory locations, by using a crafted GPU command stream to modify the contents of a certain register.

References

Affected packages

Ubuntu:Pro:16.04:LTS / linux-flo

Package

Name: linux-flo
Purl: pkg:deb/ubuntu/linux-flo@3.4.0-5.23?arch=source&distro=esm-apps/xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.4.0-5.19

3.4.0-5.22

3.4.0-5.23

Ecosystem specific

{
    "ubuntu_priority": "high"
}

Ubuntu:Pro:16.04:LTS / linux-mako

Package

Name: linux-mako
Purl: pkg:deb/ubuntu/linux-mako@3.4.0-7.44?arch=source&distro=esm-apps/xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.4.0-7.39

3.4.0-7.40

3.4.0-7.41

3.4.0-7.44

Ecosystem specific

{
    "ubuntu_priority": "high"
}