Bug 1866180 (CVE-2016-2064) - CVE-2016-2064 kernel: DoS in MSM QDSP6 audio driver
Summary: CVE-2016-2064 kernel: DoS in MSM QDSP6 audio driver
Keywords:
Status: CLOSED NOTABUG
Alias: CVE-2016-2064
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1866182
Blocks: 1866181
TreeView+ depends on / blocked
 
Reported: 2020-08-05 04:32 UTC by Dhananjay Arunesh
Modified: 2020-08-18 18:50 UTC (History)
47 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2020-08-06 15:13:27 UTC
Embargoed:

Attachments (Terms of Use)

Description Dhananjay Arunesh 2020-08-05 04:32:50 UTC 
A vulnerability was found in sound/soc/msm/qdsp6v2/msm-audio-effects-q6-v2.c in the MSM QDSP6 audio driver for the Linux kernel, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (buffer over-read) or possibly have unspecified other impact via a crafted application that makes an ioctl call specifying many commands.

References:
http://www.securityfocus.com/bid/92375
https://us.codeaurora.org/cgit/quic/la/kernel/msm-3.18/commit/?id=775fca8289eff931f91ff6e8c36cf2034ba59e88
Comment 1 Dhananjay Arunesh 2020-08-05 04:36:32 UTC 
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 1866182]
Comment 2 Justin M. Forbes 2020-08-05 15:55:49 UTC 
Another android specific driver which is not upstream.
Note You need to log in before you can comment on or make changes to this bug.