CVE-2013-3685 – Sprite Software Android Race Condition

https://notcve.org/view.php?id=CVE-2013-3685

A Privilege Escalation Vulnerability exists in Sprite Software Spritebud 1.3.24 and 1.3.28 and Backup 2.5.4105 and 2.5.4108 on LG Android smartphones due to a race condition in the spritebud daemon, which could let a local malicious user obtain root privileges. Se presenta una Vulnerabilidad de Escalada de Privilegios en Sprite Software Spritebud versiones 1.3.24 y 1.3.28 y Backup versiones 2.5.4105 y 2.5.4108, en los teléfonos inteligentes LG con Android debido a una condición de carrera en el demonio spritebud, lo que podría permitir a un usuario malicioso local obtener privilegios root. A race condition in Sprite Software's backup software on Android devices allows for code execution as root. • http://www.securityfocus.com/bid/60749 https://androidvulnerabilities.org/all https://exchange.xforce.ibmcloud.com/vulnerabilities/85296 https://seclists.org/fulldisclosure/2013/Jun/196 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •