Loading
Generated remediation guidance and an executive summary. No account required.
The Qualcomm Innovation Center (QuIC) init scripts in Code Aurora Forum (CAF) releases of Android 4.1.x through 4.4.x allow local users to modify file metadata via a symlink attack on a file accessed by a (1) chown or (2) chmod command, as demonstrated by changing the permissions of an arbitrary file via an attack on the sensor-settings file.
Use CWE-59, Codeaurora vendor hub and Android-Msm product page to widen CVE-2013-6124 into its surrounding weakness, vendor, and product context.
Compare it with CVE-2013-2597, CVE-2013-4736 and CVE-2013-2595 for nearby disclosures in the same product family.