blob: cadee5af6c2ef301c3001130affae9ccb4c93bbf (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
|
Description: ARM: amba: Fix race condition with driver_override
References:
https://source.android.com/security/bulletin/pixel/2018-07-01
https://patchwork.kernel.org/patch/10175615/
Notes:
jmm> Unclear, might affect drivers/amba in some way?
bwh> The Android bulletin links to a patch for PCI that *wasn't*
bwh> applied upstream (and isn't needed), but based on the
bwh> description as "AMBA driver" I found what I think is the actual
bwh> upstream fix.
bwh> Introduced in Linux 4.0 by commit 3cf385713460 "ARM: 8256/1:
bwh> driver coamba: add device binding path 'driver_override'".
carnil> There was possibly intiial confusion re CVE-2018-9415 and
carnil> the second assigned CVE-2018-9385 which are related.
Bugs:
upstream: released (4.17-rc3) [6a7228d90d42bcacfe38786756ba62762b91c20a]
4.9-upstream-stable: released (4.9.98) [272c99cf85a371401b78f3c56a18745bf07817a3]
3.16-upstream-stable: N/A "Vulnerable code not present"
sid: released (4.16.12-1)
4.9-stretch-security: released (4.9.107-1)
3.16-jessie-security: N/A "Vulnerable code not present"
|
