Gitiles
Code Review Sign In
gerrit-public.fairphone.software / fp2-dev / kernel / msm / refs/tags/FP2-open-16.11.0
commitb9e0cc0e5c36cc7cc49f05475dfc3444abab109b[log] [tgz]
authorPeter Lee <peter.lee@hi-p.com>Mon Oct 24 14:06:08 2016 +0800
committerTeemu Hukkanen <teemu@fairphone.com>Sat Nov 19 13:19:11 2016 +0100
tree7447cf9c6e19326ccdc74ea64f2a91a15a6f5e59
parent179e669a4f3660dcd2a23c80cc33c880f002374f [diff]
FPII-2520 : Elevation of privilege vulnerability in Synaptics touchscreen driver CVE-2016-6743 A-30937462

High

An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process.

Additional technical details:

A-30937462

In the fwu_sysfs_store_image function, there is no validation of the count variable leading to a potential heap overflow.

The fix is designed to add additional bounds checks to prevent the potential heap overflow.

Code snippet provided in bulletin patches zip file in the Downloads section: https://support.google.com/androidpartners_security/answer/7169146?hl=en&ref_topic=6353496#downloads

Change-Id: I21619de1d5b18f0f7a4d1514c6f5c65860f1303e
1 file changed
tree: 7447cf9c6e19326ccdc74ea64f2a91a15a6f5e59
  1. arch/
  2. block/
  3. crypto/
  4. Documentation/
  5. drivers/
  6. firmware/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. mm/
  14. net/
  15. samples/
  16. scripts/
  17. security/
  18. sound/
  19. tools/
  20. usr/
  21. virt/
  22. .gitignore
  23. .mailmap
  24. AndroidKernel.mk
  25. COPYING
  26. CREDITS
  27. Kbuild
  28. Kconfig
  29. MAINTAINERS
  30. Makefile
  31. README
  32. REPORTING-BUGS