When processing the __NR_perf_event_open system call, if bits 12-15 of the config parameter are 0x1, 0x2, or 0x3, a buffer overflow occurs.
Access Vector: Local
Security Risk: High
Vulnerability: CWE-120 (Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'))
All Android releases from CAF using the Linux kernel.
We advise customers to apply the following patches:
Please reference Google's February 2016 Nexus Security Advisory. This issue is ANDROID-25773204.