In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, camera application triggers "user-memory-access" issue as the Camera CPP module Linux driver directly accesses the application provided buffer, which resides in user space. An unchecked userspace value (ioctl_ptr->len) is used to copy contents to a kernel buffer which can lead to kernel buffer overflow.
References
Link | Resource |
---|---|
https://source.android.com/security/bulletin/pixel/2017-11-01 | Patch Vendor Advisory |
Configurations
Information
Published : 2017-11-16 14:29
Updated : 2017-11-30 11:22
NVD link : CVE-2017-11029
Mitre link : CVE-2017-11029
JSON object : View
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Products Affected
- android