Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm / b244ce56bea34053dd020459a3cf5f6b5aee670d
commitb244ce56bea34053dd020459a3cf5f6b5aee670d[log] [tgz]
authorTeow Wan Yee <wy.teow@hi-p.com>Tue Nov 22 15:12:31 2016 +0800
committerTeemu Hukkanen <teemu@fairphone.com>Fri Dec 16 18:59:55 2016 +0100
treef236da9511cce091121b49ec3d6e8bc9e358c38a
parent77719ec1360b4ad1ce3f76b561c8031a62f7a53f [diff]
FPII-2615: Information disclosure vulnerability in kernel components (device specific)
CVE-2016-8404 A-31496950

An information disclosure vulnerability in kernel components including the ION subsystem, Binder,
USB driver and networking subsystem could enable a local malicious application to access data
outside of its permission levels. This issue is rated as Moderate because it first requires
compromising a privileged process.

Additional technical details:

Bug Details
 A-31494725
 A-31495231
 A-31495348
 A-31496950
 A-31796940
 A-31802656
 The format specifier %p can leak kernel addresses.

The fix is designed to use %pK instead of %p, which also evaluates whether kptr_restrict is set.

Change-Id: I0519a15d56caf0368eeb24d727ab0ad78b53d34f
1 file changed
tree: f236da9511cce091121b49ec3d6e8bc9e358c38a
  1. arch/
  2. block/
  3. crypto/
  4. Documentation/
  5. drivers/
  6. firmware/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. mm/
  14. net/
  15. samples/
  16. scripts/
  17. security/
  18. sound/
  19. tools/
  20. usr/
  21. virt/
  22. .gitignore
  23. .mailmap
  24. AndroidKernel.mk
  25. COPYING
  26. CREDITS
  27. Kbuild
  28. Kconfig
  29. MAINTAINERS
  30. Makefile
  31. README
  32. REPORTING-BUGS