** Changed in: linux (Ubuntu)
Status: New => Invalid
** Changed in: linux (Ubuntu Trusty)
Status: New => Invalid
** Description changed:
- The Gemini JPEG encoder and the Jpeg1.0 common encoder/decoder engines
- of the camera driver are not properly initializing all members of a
- structure before copying it to user space. This allows a local attacker
- to obtain potentially sensitive information from kernel stack memory via
- ioctl system calls.
+ The MSM camera driver for the Linux kernel 3.x, as used in Qualcomm
+ Innovation Center (QuIC) Android contributions for MSM devices and other
+ products, allows attackers to obtain sensitive information from kernel
+ stack memory via (1) a crafted MSM_MCR_IOCTL_EVT_GET ioctl call, related to
+ drivers/media/platform/msm/camera_v1/mercury/msm_mercury_sync.c, or (2) a
+ crafted MSM_JPEG_IOCTL_EVT_GET ioctl call, related to
+ drivers/media/platform/msm/camera_v2/jpeg_10/msm_jpeg_sync.c.
Break-Fix: - 8604847927f952cc8e773b97eca24e1060a570f2
** Changed in: linux-ti-omap4 (Ubuntu)
Status: New => Invalid
** Changed in: linux-ti-omap4 (Ubuntu Trusty)
Status: New => Invalid
** Changed in: linux-lts-quantal (Ubuntu Precise)
Status: New => Invalid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1244804
Title:
CVE-2013-4739
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1244804/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
