summaryrefslogtreecommitdiffstats
path: root/retired/CVE-2023-21255
blob: 781bdc20c1b5aa09d065acceecd2596b33e08ac9 (plain) (blame) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17

Description: binder: fix UAF caused by faulty buffer cleanup
References:
 https://source.android.com/docs/security/bulletin/2023-07-01
 https://android.googlesource.com/kernel/common/+/1ca1130ec62d
Notes:
 carnil> Commit fixes 32e9f56a96d8 ("binder: don't detect sender/target
 carnil> during buffer cleanup") in 5.16-rc1 (which was backported to
 carnil> 5.4.159, 5.10.79, 5.14.18, 5.15.2)
Bugs:
upstream: released (6.4-rc4) [bdc1c5fac982845a58d28690cdb56db8c88a530d]
6.1-upstream-stable: released (6.1.31) [e1e198eff1fbaf56fd8022c4fbbf59c5324ea320]
5.10-upstream-stable: released (5.10.182) [2218752325a98861dfb10f59a9b0270d6d4abe21]
4.19-upstream-stable: N/A "Vulnerable code not present"
sid: released (6.3.7-1)
6.1-bookworm-security: released (6.1.37-1)
5.10-bullseye-security: released (5.10.191-1)
4.19-buster-security: N/A "Vulnerable code not present"

© 2014-2024 Faster IT GmbH | imprint | privacy policy