New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 718088 link

Starred by 1 user
Status: Fixed
Owner:
groeck@chromium.org
Closed: May 2017
Cc:
awhalley@chromium.org
bhthompson@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 1
Type: Bug



Sign in to add a comment

CVE-2014-9940

Project Member Reported by groeck@chromium.org, May 3 2017 
CVE-2014-9940:

The regulator_ena_gpio_free function in drivers/regulator/core.c in the Linux kernel before 3.19 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted application.

From Android security bulletin May 2017. Fix needs to be applied to chromeos-3.10, chromeos-3.14, and chromeos-3.18.

Reference: https://buganizer.corp.google.com/issues/37858885

Comment 1 by gov...@chromium.org, May 3 2017

Cc: awhalley@chromium.org bhthompson@chromium.org
+ awhalley@ & +bhthompson@ for M58 merge review as this is security issue for Chrome OS.

Comment 2 by bhthompson@google.com, May 3 2017

Labels: -Merge-Request-58 Merge-Approved-58
SGTM for 58, assuming this has at least been seen on ToT and we have it on 59.

Comment 3 by groeck@chromium.org, May 4 2017

Labels: -Merge-Approved-58 Merge-Merged
Status: Fixed (was: Started)

Sign in to add a comment