Date: Thu, 19 Jan 2017 15:37:00 +0100 From: Greg KH <greg@...ah.com> To: oss-security@...ts.openwall.com Cc: Anarcheuz Fritz <anarcheuz@...il.com>, cve-assign@...re.org Subject: Re: CVE Request - Samsung Exynos GPU driver OOB read On Thu, Jan 19, 2017 at 02:38:31PM +0800, Idler wrote: > Hello, > > I'd like to request CVE for the following security issue: > > Security bulletin: http://security.samsungmobile.com/smrupdate.html#SMR-JAN-2017 > > SVE-2016-6362: out of bound read in gpu driver > > Severity: Low > Affected versions: M(6.0), N(7.0) devices with Exynos AP chipsets > Reported on: May 31, 2016 > Disclosure status: Privately disclosed. > Vulnerability in gpu driver does not properly check the boundary of > buffers leading to a possible memory corruption. > The applied patch avoids an illegal access to memory by checking the boundary. > > Source code: > Source code of the affected GPU drivers (as part of the Linux kernel > source) can be downloaded from Samsung Opensource Resource center: > http://opensource.samsung.com/ > > The particular model of phone we used to reproduce this issue is: > http://opensource.samsung.com/reception/receptionSub.do?method=sub&sub=F&searchValue=SM-G9200 Any pointer to the commit(s) that happened to resolve this issue? thanks, greg k-h
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ