Revision history [back]
 | 1 | initial version | posted 2017-07-20 11:29:51 +0200  |
Check validity of userspace address in kernel-msm-vidc CVE-2014-9880 remote
drivers/video/msm/vidc/common/enc/venc.c in the Qualcomm components in Android before 2016-08-05 does not validate VEN_IOCTL_GET_SEQUENCE_HDR ioctl calls, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28769352 and Qualcomm internal bug CR556356. medium (attack range: remote) CVSSv3: 7.8
file affected: kernel-adaptation-sbj-3.4.108.20161101.1/drivers/video/msm/vidc/common/enc/venc.c lines 1325-1330
| | 2 | No.2 Revision |
Check validity of userspace address in kernel-msm-vidc CVE-2014-9880 remote
drivers/video/msm/vidc/common/enc/venc.c in the Qualcomm components in Android before 2016-08-05 does not validate VEN_IOCTL_GET_SEQUENCE_HDR ioctl calls, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28769352 and Qualcomm internal bug CR556356. medium (attack range: remote) CVSSv3: 7.8
Patch is available on codeaurora.org
file File affected: kernel-adaptation-sbj-3.4.108.20161101.1/drivers/video/msm/vidc/common/enc/venc.c lines 1325-1330
| | 3 | No.3 Revision |
Check validity of userspace address in kernel-msm-vidc CVE-2014-9880 remote
drivers/video/msm/vidc/common/enc/venc.c in the Qualcomm components in Android before 2016-08-05 does not validate VEN_IOCTL_GET_SEQUENCE_HDR ioctl calls, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28769352 and Qualcomm internal bug CR556356. medium (attack range: remote) CVSSv3: 7.8
Patch is available on codeaurora.orgcodeaurora.org.
File affected: kernel-adaptation-sbj-3.4.108.20161101.1/drivers/video/msm/vidc/common/enc/venc.c lines 1325-1330