CVE-2013-3051

Severity CVSS v4.0:

Pending analysis

Type:

CWE-16 Configuration Errors

Publication date:

13/04/2013

Last modified:

11/04/2025

Description

The TrustZone kernel, when used in conjunction with a certain Motorola build of Android 4.1.2, on Motorola Razr HD, Razr M, and Atrix HD devices with the Qualcomm MSM8960 chipset does not verify the association between a certain physical-address argument and a memory region, which allows local users to unlock the bootloader by using kernel mode to perform crafted 0x9 and 0x2 SMC operations, a different vulnerability than CVE-2013-2596.

Impact

Vector 2.0

AV:L/AC:H/Au:N/C:C/I:C/A:C CVSS v2.0 Severity and Metrics:

Base Score: 6.20 MEDIUM
Vector: AV:L/AC:H/Au:N/C:C/I:C/A:C

Attack Vector (AV): Local
Attack Complexity (AC): High
Authentication (Au): None
Confidentiality (C): Complete
Integrity (I): Complete
Availability (A): Complete

Base Score 2.0

6.20

Severity 2.0

MEDIUM

Vulnerable products and versions

CPE	From	Up to
cpe:2.3:h:qualcomm:msm8960:-:::::::*
cpe:2.3:o:motorola:android:4.1.2:::::::*
cpe:2.3:h:motorola:atrix_hd:-:::::::*
cpe:2.3:h:motorola:razr_hd:-:::::::*
cpe:2.3:h:motorola:razr_m:-:::::::*

To consult the complete list of CPE names with products and versions, see this page

CPE	From	Up to
cpe:2.3:h:qualcomm:msm8960:-:::::::*
cpe:2.3:o:motorola:android:4.1.2:::::::*
cpe:2.3:h:motorola:atrix_hd:-:::::::*
cpe:2.3:h:motorola:razr_hd:-:::::::*
cpe:2.3:h:motorola:razr_m:-:::::::*

CVE-2013-3051

Description

Impact

Vulnerable products and versions

References to Advisories, Solutions, and Tools