Fix various small issues in cci driver in kernel-msm-camera CVE-2014-9783 remote

asked 2017-07-25 18:49:42 +0300

this post is marked as community wiki

This post is a wiki. Anyone with karma >75 is welcome to improve it.

updated 2017-08-10 12:45:56 +0300

lpr gravatar image

drivers/media/platform/msm/camera_v2/sensor/cci/msm_cci.c in the Qualcomm components in Android before 2016-07-05 does not validate certain values, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28441831 and Qualcomm internal bug CR511382. CVSS v3 Base Score: 7.8 High remote

Patch is availableon codeaurora.org.

file affected: kernel-adaptation-sbj-3.4.108.20161101.1/drivers/media/video/msm/cci/msm_cci.c lines 67-97 ; 150-155; 336-337(insert before), 253-258; 336-341; 345-346(insert before); 360-366; 480-492; + defines of CCI_I2C_READ_MAX_RETRIES, CCI_I2C_MAX_READ and CCI_I2C_MAX_WRITE , MSM_CAMERA_I2C_ADDR_TYPE_MAX, MSM_CAMERA_I2C_DATA_TYPE_MAX

edit retag flag offensive close delete