commit | 8346449288d0b7efa1dff9816589d6183de58954 | [log] [tgz] |
---|---|---|
author | Teow Wan Yee <wy.teow@hi-p.com> | Wed Aug 17 15:38:21 2016 +0800 |
committer | Jeron Susan <jeron.susan@hi-p.com> | Wed Aug 17 16:30:42 2016 +0800 |
tree | eb562c785e3a276c99ded74ff475b97d2b370ea8 | |
parent | eb05ec70b1dce87c21a8053dae7a4fd67f71b7f6 [diff] |
FPII-2326 : Elevation of privilege vulnerability in Synaptics touchscreen driver CVE-2016-3865 A-28799389 There is a possible stack overflow vulnerability in the rmidev_write function because the stack array size is from user space. The fix is designed to allocate heap memory for the temporary buffer instead of stack memory to prevent the stack overflow vulnerability Change-Id: I6d272a2e6e983fe4191e0a8bb5ef153670905e0e