CVE-2013-2597 — Code Aurora ACDB Audio Driver Stack-based Buffer Overflow Vulnerability

2022-09-15 • CISA Known Exploited Vulnerability

[event] The Code Aurora audio calibration database (acdb) audio driver contains a stack-based buffer overflow vulnerability that allows for privilege escalation. Code Aurora is used in third-party products such as Qualcomm and Android.

> AFFECTED SOFTWARE

Field	Value
Vendor	Code Aurora
Product	ACDB Audio Driver
CWE	CWE-119
CVE ID	CVE-2013-2597
Date Added	2022-09-15
Due Date	2022-10-06
Ransomware Campaign	Unknown

> MITIGATION

Apply updates per vendor instructions.

Due Date: 2022-10-06

> REFERENCES

[1] https://web.archive.org/web/20161226013354/https:/www.codeaurora.org/news/securi...
[2] https://nvd.nist.gov/vuln/detail/CVE-2013-2597