remove entry from qseecom_registered_app_list in kernel-drivers-qseecom CVE-2016-8480 remote
asked 2017-07-06 15:51:49 +0200
This post is a wiki. Anyone with karma >75 is welcome to improve it.
Description
An elevation of privilege vulnerability in the Qualcomm Secure Execution Environment Communicator driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31804432. References: QC-CR#1086186. CVSS v3 Base Score:7.0 High remote
File affected: kernel-adaptation-sbj-3.4.108.20161101.1/drivers/misc/qseecom.c lines: 639-644; 658-660; 740-745