We have moved to a new Sailfish OS Forum. Please start new discussions there.

Revision history [back]

click to hide/show revision 1
initial version

posted 2017-06-22 13:08:54 +0200

lpr gravatar image

Change __copy_from_user to copy_from_user in kernel-drivers-qseecom CVE-2014-9785 remote

Description
drivers/misc/qseecom.c in the Qualcomm components in Android before 2016-07-05 does not validate addresses before copying data, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28469042 and Qualcomm internal bug CR545747. CVSS v3 Base:7.8high (attack range: remote)

Patch available: link

File affected: /kernel-adaptation-sbj-3.4.108.20161101.1/drivers/misc/qseecom.c lines 498fol.; 641fol.; 1314 fol ; 1457 fol

Copyright © Jolla Ltd. 2013-2019. All rights reserved.
about | faq | help | privacy policy | terms of service | give feedback
Powered by Askbot version 0.7.49