We have moved to a new Sailfish OS Forum. Please start new discussions there.

Revision history [back]

click to hide/show revision 1
initial version

posted 2017-07-13 12:24:16 +0200

lpr gravatar image

Validate input arguments from user space in kernel-msm-mdp CVE-2014-4323 remote

The mdp_lut_hw_update function in drivers/video/msm/mdp.c in the MDP display driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not validate certain start and length values within an ioctl call, which allows attackers to gain privileges via a crafted application. CVSS v2 Base Score: 7.5 HIGH Access Vector: Network exploitable

Patch is available.

file affected: kernel-adaptation-sbj-3.4.108.20161101.1/drivers/video/msm/mdp.c lines 501-506

Copyright © Jolla Ltd. 2013-2019. All rights reserved.
about | faq | help | privacy policy | terms of service | give feedback
Powered by Askbot version 0.7.49