Added Buffer overflow check in kernel-Asoc-msm CVE-2014-9874 remote

Tracked by Jolla (Rejected)

asked 2017-08-10 11:48:23 +0200

this post is marked as community wiki

This post is a wiki. Anyone with karma >75 is welcome to improve it.

updated 2017-08-10 11:48:23 +0200

lpr gravatar image

Buffer overflow in the Qualcomm components in Android before 2016-08-05 allows attackers to gain privileges via a crafted application, related to arch/arm/mach-msm/qdsp6v2/audio_utils.c and sound/soc/msm/qdsp6v2/q6asm.c, aka Android internal bug 28751152 and Qualcomm internal bug CR563086. CVSS v3 Base Score: 7.8 High (attack range: remote)

Patch available.

Files affected: kernel-adaptation-sbj-3.4.108.20161101.1/arch/arm/mach-msm/qdsp6v2/audio_utils.c lines 23-28; 257-262

kernel-adaptation-sbj-3.4.108.20161101.1/sound/soc/msm/qdsp6v2/q6asm.c lines 55-60; 608-613

edit retag flag offensive close delete