Bug 1868218 (CVE-2016-2066) - CVE-2016-2066 kernel: integer signedness error in the MSM QDSP6 audio driver
Summary: CVE-2016-2066 kernel: integer signedness error in the MSM QDSP6 audio driver
Keywords:
Status: CLOSED NOTABUG
Alias: CVE-2016-2066
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1868220
Blocks: 1868219
TreeView+ depends on / blocked
 
Reported: 2020-08-12 03:13 UTC by Dhananjay Arunesh
Modified: 2020-08-21 14:13 UTC (History)
47 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2020-08-12 15:23:42 UTC
Embargoed:

Attachments (Terms of Use)

Description Dhananjay Arunesh 2020-08-12 03:13:27 UTC 
Integer signedness error in the MSM QDSP6 audio driver for the Linux kernel, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service (memory corruption) via a crafted application that makes an ioctl call.


References:
https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=775fca8289eff931f91ff6e8c36cf2034ba59e88
Comment 1 Dhananjay Arunesh 2020-08-12 03:15:28 UTC 
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 1868220]
Comment 2 Justin M. Forbes 2020-08-12 13:43:14 UTC 
Another Android only bug in a driver which does not exist upstream.
Note You need to log in before you can comment on or make changes to this bug.