We have moved to a new Sailfish OS Forum. Please start new discussions there.

Revision history [back]

click to hide/show revision 1
initial version

posted 2017-06-22 12:27:06 +0200

Validate userspace buffer count in kernel-msm-vidc CVE-2014-9778 remote

Description

The vid_dec_set_h264_mv_buffers function in drivers/video/msm/vidc/common/dec/vdec.c in the Qualcomm components in Android before 2016-07-05 does not validate the number of buffers, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28598515 and Qualcomm internal bug CR563694.
CVSS v3 Base:7.8high (attack range: remote)

Patch is available: link

File affected: kernel-adaptation-sbj-3.4.108.20161101.1/drivers/video/msm/vidc/common/dec/vdec.c lines: 867-872

Validate userspace buffer count in kernel-msm-vidc CVE-2014-9778 remote

Description

The vid_dec_set_h264_mv_buffers function in drivers/video/msm/vidc/common/dec/vdec.c in the Qualcomm components in Android before 2016-07-05 does not validate the number of buffers, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28598515 and Qualcomm internal bug CR563694.
CVSS v3 Base:7.8high (attack range: remote)

Patch is available: link

File Files affected: kernel-adaptation-sbj-3.4.108.20161101.1/drivers/video/msm/vidc/common/dec/vdec.c lines: 867-872867-872
kernel-adaptation-sbj-3.4.108.20161101.1/include/media/msm/vidc_init.h lines 20-22