Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Thu, 19 Jan 2017 14:38:31 +0800
From: Idler <idler1984@...il.com>
To: oss-security@...ts.openwall.com, Anarcheuz Fritz <anarcheuz@...il.com>, 
	cve-assign@...re.org
Subject: CVE Request - Samsung Exynos GPU driver OOB read

Hello,

I'd like to request CVE for the following security issue:

Security bulletin: http://security.samsungmobile.com/smrupdate.html#SMR-JAN-2017

SVE-2016-6362: out of bound read in gpu driver

Severity: Low
Affected versions: M(6.0), N(7.0) devices with Exynos AP chipsets
Reported on: May 31, 2016
Disclosure status: Privately disclosed.
Vulnerability in gpu driver does not properly check the boundary of
buffers leading to a possible memory corruption.
The applied patch avoids an illegal access to memory by checking the boundary.

Source code:
Source code of the affected GPU drivers (as part of the Linux kernel
source) can be downloaded from Samsung Opensource Resource center:
http://opensource.samsung.com/

The particular model of phone we used to reproduce this issue is:
http://opensource.samsung.com/reception/receptionSub.do?method=sub&sub=F&searchValue=SM-G9200

License:
GPL


Thanks.
James

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ