Validate the incoming length from user space in kernel-drivers-qseecom CVE-2014-9787 remote
Tracked by Jolla
(In progress)
asked 2017-06-22 13:16:12 +0200
This post is a wiki. Anyone with karma >75 is welcome to improve it.
Integer overflow in drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-07-05 allows attackers to gain privileges via a crafted application, aka Android internal bug 28571496 and Qualcomm internal bug CR545764. CVSS v3 Base:7.8 high (attack range: remote)
Patch available: link
File affected: /kernel-adaptation-sbj-3.4.108.20161101.1/drivers/misc/qseecom.c lines 973-978