Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 19 Jan 2017 15:37:00 +0100
From: Greg KH <greg@...ah.com>
To: oss-security@...ts.openwall.com
Cc: Anarcheuz Fritz <anarcheuz@...il.com>, cve-assign@...re.org
Subject: Re: CVE Request - Samsung Exynos GPU driver OOB read

On Thu, Jan 19, 2017 at 02:38:31PM +0800, Idler wrote:
> Hello,
> 
> I'd like to request CVE for the following security issue:
> 
> Security bulletin: http://security.samsungmobile.com/smrupdate.html#SMR-JAN-2017
> 
> SVE-2016-6362: out of bound read in gpu driver
> 
> Severity: Low
> Affected versions: M(6.0), N(7.0) devices with Exynos AP chipsets
> Reported on: May 31, 2016
> Disclosure status: Privately disclosed.
> Vulnerability in gpu driver does not properly check the boundary of
> buffers leading to a possible memory corruption.
> The applied patch avoids an illegal access to memory by checking the boundary.
> 
> Source code:
> Source code of the affected GPU drivers (as part of the Linux kernel
> source) can be downloaded from Samsung Opensource Resource center:
> http://opensource.samsung.com/
> 
> The particular model of phone we used to reproduce this issue is:
> http://opensource.samsung.com/reception/receptionSub.do?method=sub&sub=F&searchValue=SM-G9200

Any pointer to the commit(s) that happened to resolve this issue?

thanks,

greg k-h

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ