Bug 1866204 (CVE-2015-0572) - CVE-2015-0572 kernel: multiple race conditions in drivers/char/adsprpc.c and drivers/char/adsprpc_compat.c
Summary: CVE-2015-0572 kernel: multiple race conditions in drivers/char/adsprpc.c and ...
Keywords:
Status: CLOSED NOTABUG
Alias: CVE-2015-0572
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1866206
Blocks: 1866205
TreeView+ depends on / blocked
 
Reported: 2020-08-05 05:42 UTC by Dhananjay Arunesh
Modified: 2020-08-18 18:54 UTC (History)
47 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2020-08-06 06:06:06 UTC
Embargoed:

Attachments (Terms of Use)

Description Dhananjay Arunesh 2020-08-05 05:42:46 UTC 
Multiple race conditions in drivers/char/adsprpc.c and drivers/char/adsprpc_compat.c in the ADSPRPC driver for the Linux kernel, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to cause a denial of service (zero-value write) or possibly have unspecified other impact via a COMPAT_FASTRPC_IOCTL_INVOKE_FD ioctl call.

References:
http://source.android.com/security/bulletin/2016-10-01.html
http://www.securityfocus.com/bid/93312
https://source.codeaurora.org/quic/la/kernel/msm/commit/?id=8fb32c3a8147b82e2bb159b3f70d803c9e68899b
https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=34ad3d34fbff11b8e1210b9da0dac937fb956b61
Comment 1 Dhananjay Arunesh 2020-08-05 05:44:28 UTC 
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 1866206]
Comment 2 Justin M. Forbes 2020-08-05 16:07:05 UTC 
Another Android specific driver which is not upstream.
Comment 3 Wade Mealing 2020-08-06 06:06:06 UTC 
At this time, No Red Hat Enterprise Linux products include the affected code.
Note You need to log in before you can comment on or make changes to this bug.