Buffer Overflow in MSM Thermal Driver Allows Privilege Escalation (CVE-2016-2411)
Release Date:
April 20, 2016
Affected Projects:
Android for MSMFirefox OS for MSMQRD Android
Advisory ID:
QCIR-2016-00007-1
CVE ID(s):
Summary:
CVE-2016-2411: When processing the MSM_THERMAL_GET_CLUSTER_FREQUENCY_PLAN or MSM_THERMAL_GET_CLUSTER_VOLTAGE_PLAN ioctls, a cluster ID greater than the number of possible CPUs results in the use of an out-of-range pointer offset.
Access Vector: Local
Security Risk: Medium
Access Vector: Local
Affected Versions:
All Android releases from CAF using the Linux kernel.
Patch:
We advise customers to apply the following patches:
Acknowledgement:
Please reference Google's April 2016 Nexus Security Advisory. This issue is ANDROID-26866053.
Revisions:
Initial revision