Use-after-free vulnerability in the msm_set_crop function in drivers/media/video/msm/msm_camera.c in the MSM-Camera driver for the Linux kernel, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a denial of service (memory corruption) via an application that makes a crafted ioctl call. References: http://www.securityfocus.com/bid/92379
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1866190]
Yet another android specific driver which is not upstream.