In Android before 2017-08-05 on Qualcomm MSM, Firefox OS for MSM, QRD Android, and all Android releases from CAF using the Linux kernel, if kernel memory address is passed from userspace through iris_vidioc_s_ext_ctrls ioctl, it will print kernel address data. A user could set it to an arbitrary kernel address, hence information disclosure (for kernel) could occur.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: qualcomm
Published: 2018-03-30T15:00:00Z
Updated: 2024-09-17T00:11:47.108Z
Reserved: 2017-06-15T00:00:00
Link: CVE-2017-9681
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2018-03-30T15:29:00.667
Modified: 2018-04-20T18:00:42.713
Link: CVE-2017-9681
Redhat
No data.