The following security vulnerabilities have been identified:
When processing the ioctl QCEDEV_IOCTL_ENC_REQ the user can write to an arbitrary memory address with a specially crafted creq structure. This specially crafted structure circumvents checks that ensure that data is not written to not permitted kernel memory.
Access Vector: Local
Security Risk: Medium
Vulnerability: CWE-20 Improper Input Validation
All Android releases from CAF using the Linux kernel.
We advise customers to apply the following patches:
Updated revision. On Dec. 6 updated acknowledgment section.