Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm / 179e669a4f3660dcd2a23c80cc33c880f002374f
commit179e669a4f3660dcd2a23c80cc33c880f002374f[log] [tgz]
authorPeter Lee <peter.lee@hi-p.com>Mon Oct 24 13:15:30 2016 +0800
committerTeemu Hukkanen <teemu@fairphone.com>Sat Nov 19 13:06:25 2016 +0100
treeadd58b5c16728dd54c72715d47354e572a33cd60
parentf2bfbf7c72f13ce0bd58802379e8b7664adcaf1a [diff]
FPII-2519 : Elevation of privilege vulnerability in Synaptics touchscreen driver CVE-2016-6742 A-30799828

High

An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process.

Additional technical details:

A-30799828

In the fwu_sysfs_store_image function, there is no validation of the count variable leading to a potential heap overflow.

The fix is designed to add additional bounds checks to prevent the potential heap overflow.

Code snippet provided in bulletin patches zip file in the Downloads section: https://support.google.com/androidpartners_security/answer/7169146?hl=en&ref_topic=6353496#downloads

Change-Id: If99d8b69ed65a81cb81ce2dfa118a575ca511bf1
1 file changed
tree: add58b5c16728dd54c72715d47354e572a33cd60
  1. arch/
  2. block/
  3. crypto/
  4. Documentation/
  5. drivers/
  6. firmware/
  7. fs/
  8. include/
  9. init/
  10. ipc/
  11. kernel/
  12. lib/
  13. mm/
  14. net/
  15. samples/
  16. scripts/
  17. security/
  18. sound/
  19. tools/
  20. usr/
  21. virt/
  22. .gitignore
  23. .mailmap
  24. AndroidKernel.mk
  25. COPYING
  26. CREDITS
  27. Kbuild
  28. Kconfig
  29. MAINTAINERS
  30. Makefile
  31. README
  32. REPORTING-BUGS