CrOS: Vulnerability reported in sys-kernel/chromeos-kernel-3_18
Issue description

Automated analysis has detected that the following third party packages have had vulnerabilities publicly reported.

NOTE: There may be several bugs listed below - in almost all cases, all bugs can be quickly addressed by upgrading to the latest version of the package.

Package Name: sys-kernel/chromeos-kernel-3_18
Package Version: [cpe:/o:linux:linux_kernel:3.18]

Advisory: CVE-2016-8398
Details: https://vomit.googleplex.com/advisory?id=CVE/CVE-2016-8398
CVSS severity score: 10/10.0
Confidence: high
Description: Unauthenticated messages processed by the UE. Certain NAS messages are processed when no EPS security context exists in the UE. Product: Android. Versions: Kernel 3.18. Android ID: A-31548486. References: QC-CR#877705.

Advisory: CVE-2016-8400
Details: https://vomit.googleplex.com/advisory?id=CVE/CVE-2016-8400
CVSS severity score: 4.3/10.0
Confidence: high
Description: An information disclosure vulnerability in the NVIDIA librm library (libnvrm) could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: Kernel-3.18. Android ID: A-31251599. References: N-CVE-2016-8400.

Advisory: CVE-2016-8437
Details: https://vomit.googleplex.com/advisory?id=CVE/CVE-2016-8437
CVSS severity score: 10/10.0
Confidence: high
Description: Improper input validation in Access Control APIs. Access control API may return memory range checking incorrectly. Product: Android. Versions: Kernel 3.18. Android ID: A-31623057. References: QC-CR#1009695.

Advisory: CVE-2016-8438
Details: https://vomit.googleplex.com/advisory?id=CVE/CVE-2016-8438
CVSS severity score: 10/10.0
Confidence: high
Description: Integer overflow leading to a TOCTOU condition in hypervisor PIL. An integer overflow exposes a race condition that may be used to bypass (Peripheral Image Loader) PIL authentication. Product: Android. Versions: Kernel 3.18. Android ID: A-31624565. References: QC-CR#1023638.

Advisory: CVE-2016-8439
Details: https://vomit.googleplex.com/advisory?id=CVE/CVE-2016-8439
CVSS severity score: 10/10.0
Confidence: high
Description: Possible buffer overflow in trust zone access control API. Buffer overflow may occur due to lack of buffer size checking. Product: Android. Versions: Kernel 3.18. Android ID: A-31625204. References: QC-CR#1027804.

Advisory: CVE-2016-8440
Details: https://vomit.googleplex.com/advisory?id=CVE/CVE-2016-8440
CVSS severity score: 10/10.0
Confidence: high
Description: Possible buffer overflow in SMMU system call. Improper input validation in ADSP SID2CB system call may result in hypervisor memory overwrite. Product: Android. Versions: Kernel 3.18. Android ID: A-31625306. References: QC-CR#1036747.

Advisory: CVE-2016-8459
Details: https://vomit.googleplex.com/advisory?id=CVE/CVE-2016-8459
CVSS severity score: 10/10.0
Confidence: high
Description: Possible buffer overflow in storage subsystem. Bad parameters as part of listener responses to RPMB commands could lead to buffer overflow. Product: Android. Versions: Kernel 3.18. Android ID: A-32577972. References: QC-CR#988462.

Advisory: CVE-2016-8461
Details: https://vomit.googleplex.com/advisory?id=CVE/CVE-2016-8461
CVSS severity score: 2.1/10.0
Confidence: high
Description: An information disclosure vulnerability in the bootloader could enable a local attacker to access data outside of its permission level. This issue is rated as High because it could be used to access sensitive data. Product: Android. Versions: Kernel-3.18. Android ID: A-32369621.

Advisory: CVE-2016-8463
Details: https://vomit.googleplex.com/advisory?id=CVE/CVE-2016-8463
CVSS severity score: 7.1/10.0
Confidence: high
Description: A denial of service vulnerability in the Qualcomm FUSE file system could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-30786860. References: QC-CR#586855.

Jan 23 2017
Interesting; looks like I can not assign this to myself, or even add me to Cc. I'll have a look anyway.

Jan 23 2017
Detailed analysis:

CVE-2016-8398 A-31548486 Certain NAS messages are processed when no EPS security context...; not a kernel bug
CVE-2016-8400 A-31251599 NVIDIA librm library (libnvrm); not a kernel bug
CVE-2016-8437 A-31623057 Access control API; bootloader; does not appear to be a kernel bug
CVE-2016-8438 A-31624565 PIL authentication; Qualcomm specific. Unclear if kernel bug.
CVE-2016-8439 A-31625204 trust zone access control API; Qualcomm specific; unclear if kernel bug
CVE-2016-8440 A-31625306 Qualcomm specific; unclear if kernel bug
CVE-2016-8459 A-32577972 RPMB commands; Qualcomm specific. Marked as closed Source
CVE-2016-8461 A-32369621 bootloader; not a kernel bug

Summary: Nothing to fix in chromeos.

May 2 2017
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage
- Your friendly Sheriffbot

Comment 1 by kerrnel@chromium.org, Jan 23 2017
Components: OS>Kernel
Labels: Security_Impact-Stable M-56 Security_Severity-High