Bound check num_cid from userspace in csid driver in kernel-msm-camera CVE-2014-9866 remote

asked 2017-07-27 12:31:53 +0300

updated 2017-08-10 12:38:15 +0300

drivers/media/platform/msm/camera_v2/sensor/csid/msm_csid.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices does not validate a certain parameter, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28747684 and Qualcomm internal bug CR511358. CVSS v3 Base Score: 7.8 High remote

Patch is available on codeaurora.org.

file affected: kernel-adaptation-sbj-3.4.108.20161101.1/drivers/media/video/msm/csi/msm_csid.c lines 446-448

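An added example, not part of the original post and not the codeaurora.org patch: the kind of bound check the title describes, applied to a userspace-supplied count before it is used as a loop bound and table index. The struct names, the `MAX_CID` value of 16, and the functions `cid_lut_program` and `try_count` are assumptions for illustration.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_CID 16 /* assumed table size, not taken from the page */

/* Hypothetical parameter block as copied in from userspace. */
struct cid_lut_params {
    int32_t num_cid;         /* entry count chosen by the caller */
    uint8_t vc_cfg[MAX_CID]; /* per-CID configuration values */
};

/* Hypothetical driver-side lookup table. */
struct cid_lut_state {
    uint8_t lut[MAX_CID];
    int32_t programmed;
};

/* Check the caller-supplied count before it becomes a loop bound and index.
 * The count is signed, so both limits are tested. */
int cid_lut_program(struct cid_lut_state *st, const struct cid_lut_params *p)
{
    int32_t i;
    if (p->num_cid < 0 || p->num_cid > MAX_CID)
        return -EINVAL; /* reject before touching the table */

    memset(st->lut, 0, sizeof(st->lut));
    for (i = 0; i < p->num_cid; i++)
        st->lut[i] = p->vc_cfg[i];
    st->programmed = p->num_cid;
    return 0;
}

/* Constructed request: returns entries programmed, or the negative errno. */
int try_count(int32_t n)
{
    struct cid_lut_state st = { {0}, -1 };
    struct cid_lut_params p = { n, {1, 2, 3, 4} };
    int rc = cid_lut_program(&st, &p);
    return rc == 0 ? st.programmed : rc;
}

int main(void)
{
    printf("4 -> %d, 17 -> %d, -1 -> %d\n",
           try_count(4), try_count(17), try_count(-1));
    return 0;
}
```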

Comments

@jovirkku this should have a "tracked by jolla" label

lpr (2017-09-19 09:38:35 +0300)