Date: Thu, 19 Jan 2017 14:38:31 +0800 From: Idler <idler1984@...il.com> To: oss-security@...ts.openwall.com, Anarcheuz Fritz <anarcheuz@...il.com>, cve-assign@...re.org Subject: CVE Request - Samsung Exynos GPU driver OOB read Hello, I'd like to request CVE for the following security issue: Security bulletin: http://security.samsungmobile.com/smrupdate.html#SMR-JAN-2017 SVE-2016-6362: out of bound read in gpu driver Severity: Low Affected versions: M(6.0), N(7.0) devices with Exynos AP chipsets Reported on: May 31, 2016 Disclosure status: Privately disclosed. Vulnerability in gpu driver does not properly check the boundary of buffers leading to a possible memory corruption. The applied patch avoids an illegal access to memory by checking the boundary. Source code: Source code of the affected GPU drivers (as part of the Linux kernel source) can be downloaded from Samsung Opensource Resource center: http://opensource.samsung.com/ The particular model of phone we used to reproduce this issue is: http://opensource.samsung.com/reception/receptionSub.do?method=sub&sub=F&searchValue=SM-G9200 License: GPL Thanks. James
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.