Bug 1536181 (CVE-2017-13221) - CVE-2017-13221 kernel: elevation of privilege (EoP) in the Upstream kernel wifi driver
Summary: CVE-2017-13221 kernel: elevation of privilege (EoP) in the Upstream kernel wi...
Keywords:
Status: CLOSED NOTABUG
Alias: CVE-2017-13221
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1537199
Blocks: 1536184
TreeView+ depends on / blocked
 
Reported: 2018-01-18 19:55 UTC by Laura Pardo
Modified: 2021-01-14 15:10 UTC (History)
50 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2018-04-09 07:23:04 UTC
Embargoed:

Attachments (Terms of Use)

Description Laura Pardo 2018-01-18 19:55:25 UTC 
An elevation of privilege vulnerability in the Upstream kernel wifi driver. Product: Android. Versions: Android kernel. Android ID: A-64709938. 

References:
https://source.android.com/security/bulletin/pixel/2018-01-01
Comment 1 Laura Pardo 2018-01-22 16:45:35 UTC 
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 1537199]
Comment 5 Vladis Dronov 2018-04-09 07:22:28 UTC 
Per discussion, this flaw is related to the following commit, which is apparently specific to the quallcom drivers:

https://github.com/aunali1/kernel_tegra_dragon/commit/7e44cef2c9d45ee9869b454e0bcee025d06b814b

This code is not present in any Red Hat's products, closing this flaw as not-a-bug.
Note You need to log in before you can comment on or make changes to this bug.