Fix various small issues in cci driver in kernel-msm-camera CVE-2014-9783 remote

Tracked by Jolla

asked 2017-07-25 18:49:42 +0300

this post is marked as community wiki

This post is a wiki. Anyone with karma >75 is welcome to improve it.

updated 2018-07-17 09:55:31 +0300

lpr gravatar image

drivers/media/video/msm/cci/msm_cci.c in the Qualcomm components in Android before 2016-07-05 does not validate certain values, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28441831 and Qualcomm internal bug CR511382. CVSS v3 Base Score: 7.8 High remote

Patch is availableon

file affected: kernel-adaptation-sbj- lines 67-97 ; 150-155; 336-337(insert before), 253-258; 336-341; 345-346(insert before); 360-366; 480-492; + defines of CCI_I2C_READ_MAX_RETRIES, CCI_I2C_MAX_READ and CCI_I2C_MAX_WRITE , MSM_CAMERA_I2C_ADDR_TYPE_MAX, MSM_CAMERA_I2C_DATA_TYPE_MAX

edit retag flag offensive close delete


@jovirkku this should have a "tracked by jolla" label

lpr ( 2017-09-19 09:41:29 +0300 )edit