Fix buffer overflow in voice driver in kernel-ASoC-msm-qdsp6 CVE-2014-9788 remote

asked 2017-07-27 11:44:38 +0200

this post is marked as community wiki

This post is a wiki. Anyone with karma >75 is welcome to improve it.

updated 2017-08-10 12:40:20 +0200

lpr gravatar image

Multiple buffer overflows in the voice drivers in the Qualcomm components in Android before 2016-07-05 allow attackers to gain privileges via a crafted application, aka Android internal bug 28573112 and Qualcomm internal bug CR548872. CVSS v3 Base Score: 7.8 High remote

Patch availableon codeaurora.org.

file affected: kernel-adaptation-sbj-3.4.108.20161101.1/sound/soc/msm/qdsp6/q6voice.c lines 1315-1320; 1727-1732; 1861-1867

edit retag flag offensive close delete

Comments

@jovirkku this should have a "tracked by jolla" label

lpr ( 2017-09-19 09:39:35 +0200 )edit