fix to prevent kernel heap buffer overflow in kernel-msm-actuator CVE-2014-9786 remote

asked 2017-07-27 11:24:38 +0300

this post is marked as community wiki

This post is a wiki. Anyone with karma >75 is welcome to improve it.

updated 2017-08-10 12:45:15 +0300

lpr gravatar image

Heap-based buffer overflow in drivers/media/platform/msm/camera_v2/sensor/actuator/msm_actuator.c in the Qualcomm components in Android before 2016-07-05 allows attackers to gain privileges via a crafted application, aka Android internal bug 28557260 and Qualcomm internal bug CR545979. CVSS v3 Base Score: 7.8 High remote

Patch is availableon codeaurora.org.

file affected: kernel-adaptation-sbj-3.4.108.20161101.1/drivers/media/video/msm/actuators/msm_actuator.c lines 152-153; 590-595 (except 592,593 original ", __func__" should not be forgotten)

edit retag flag offensive close delete