diff options
author | Ben Hutchings <ben@decadent.org.uk> | 2019-11-12 22:04:36 +0000 |
---|---|---|
committer | Ben Hutchings <ben@decadent.org.uk> | 2019-11-12 22:04:36 +0000 |
commit | cc80e1e14dd36e7e8b24e7cf1bac005042a23e4f (patch) | |
tree | 01e643010c0b0f86c408a999cdef43763c0b06b5 /active/CVE-2019-2213 | |
parent | 01be1555915eea5c107c85ccdd1ee3e6835a1820 (diff) |
Update two issues that need more work to fix in 3.16
Diffstat (limited to 'active/CVE-2019-2213')
-rw-r--r-- | active/CVE-2019-2213 | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/active/CVE-2019-2213 b/active/CVE-2019-2213 index 48e9e9e4..186d2a62 100644 --- a/active/CVE-2019-2213 +++ b/active/CVE-2019-2213 @@ -2,8 +2,12 @@ Description: binder: fix possible UAF when freeing buffer References: https://lore.kernel.org/patchwork/patch/1087916/ Notes: + bwh> For branches older than 4.20, the second hunk should be applied + bwh> to binder_thread_write() instead of binder_free_buf(). bwh> For branches older than 4.14, the first hunk should be applied to bwh> binder_pop_transaction() instead of binder_free_transaction(). + bwh> It's not clear how the locking should be done for branches older + bwh> than 4.14 though. Bugs: upstream: released (5.2-rc6) [a370003cc301d4361bae20c9ef615f89bf8d1e8a] 4.19-upstream-stable: released (4.19.64) [22068d49d09d2b3890e19d7b2048a33340f992da] |