Issue 663991 link

Starred by 1 user

Issue metadata

Status:	Archived
Owner:	----
Closed:	May 2017
Cc:	chromeos-kernel-security-bug-access@google.com
Components:	OS>Kernel
EstimatedDays:	----
NextAction:	----
OS:	Chrome
Pri:	2
Type:	Bug-Security
Security_Impact-None Security_Severity-High allpublic

Security: sdcardfs stack overflow potentially leading to kernel code execution

Project Member Reported by mnissler@chromium.org, Nov 10 2016

Issue description

Chrome OS is currently not affected, since we don't compile with CONFIG_SDCARD_FS.

Repro:

while true; do mount -t sdcardfs /data/media /data/media; done

See b/32761463 for context. We should make sure we bring in the fix from the Android side once it's available.

Comment 1 by groeck@google.com, May 10 2017

The patch for CVE-2014-9922 has been applied to all affected chrome OS versions, so this bug can be closed.

Comment 2 by kerrnel@chromium.org, May 10 2017

Status: Fixed (was: Unconfirmed)

Project Member

Comment 3 by sheriffbot@chromium.org, May 11 2017

Labels: -Restrict-View-SecurityTeam Restrict-View-SecurityNotify

Project Member

Comment 4 by sheriffbot@chromium.org, Aug 17 2017

Labels: -Restrict-View-SecurityNotify allpublic

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Comment 5 by dchan@chromium.org, Jan 22 2018

Status: Archived (was: Fixed)

►

Issue 663991 link

Issue metadata

Security: sdcardfs stack overflow potentially leading to kernel code execution

Issue description

Comment 1 by groeck@google.com, May 10 2017

Comment 1 Deleted

Comment 2 by kerrnel@chromium.org, May 10 2017

Comment 2 Deleted

Comment 3 by sheriffbot@chromium.org, May 11 2017

Comment 3 Deleted

Comment 4 by sheriffbot@chromium.org, Aug 17 2017

Comment 4 Deleted

Comment 5 by dchan@chromium.org, Jan 22 2018

Comment 5 Deleted

Sign in to add a comment