color map copying bounds checking in kernel-drivers-video-fbdev CVE-2016-8405

Tracked by Jolla

asked 2017-05-03 12:18:43 +0300

this post is marked as community wiki

This post is a wiki. Anyone with karma >75 is welcome to improve it.

updated 2017-11-13 09:12:44 +0300

lpr gravatar image


An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Android ID: A-31651010.

Patch is available.

File affected: kernel-adaptation-sbj- lines 164-176; 188-202

edit 20171113: just a reminder...

edit retag flag offensive close delete