We have moved to a new Sailfish OS Forum. Please start new discussions there.

Revision history [back]

click to hide/show revision 1
initial version

posted 2017-08-10 12:33:43 +0200

Fix possible underflow/overflow issues in kernel-drivers-diag CVE-2014-9876 remote

drivers/char/diag/diagfwd.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5, 5X, 6, 6P, and 7 (2013) devices mishandles certain integer values, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28767796 and Qualcomm internal bug CR483408. CVSS v3 Base Score: 7.8 High (attack range: remote)

Patch available.

File affected: kernel-adaptation-sbj-3.4.108.20161101.1/drivers/char/diag/diagfwd.c lines 100-106; 1630-1632