oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE Request: Arm Mali gpu driver Dos vulnerability

From: cve-assign () mitre org
Date: Wed, 7 Oct 2015 00:30:24 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256


The lastest gpu driver ARM MALI (used in many android devices) has a
denial of service vulnerability



http://community.arm.com/thread/8963
http://malideveloper.arm.com/resources/drivers/open-source-mali-gpus-linux-kernel-device-drivers/



crw-rw-rw- system   graphics  10,  58 2015-09-16 17:14 mali

as you can see, Mali devices in huawei P8 ale-ul00 can be accessed by all users!!!!

any users can trigger the phone to  crash  use a simple ioctl to /dev/mali


Use CVE-2015-7740.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJWFJ+HAAoJEL54rhJi8gl5qC0P/RusS0R2dck4Fjd9V5FkeDcJ
qe0UAGqeQfo1HPF1o6NLm/DffrSLG3cYb2CrI7LBSz8z9J4O9BJDE2QpLjnNR61x
jGrWozYujPM+N5cJt4RMpHTvdS6c/UiV6XzKn10Au4PAmtjiG9IO9zateLiyC74H
sNrrzjZ91VefXGSncl8dauWjDEMViuX/hH8w2h4W8V+9xqF8hcebRM8RB2xpxbYo
Rgf2Gzf6DgbFtqPx8Za9adicYKTeFhbe063hTktjf+aBtudD0HWjtanhxzPd8Ypv
E61QQY/MXkF9N/85duBtg9bX1iZQtvDfBZI+4xpZZQhHcFikX6y6DnIXvEchblp7
vho8mYg7mzYf4q1yirCMTgko+WgvqcyrnCncCYn+8fN64xk8tQEwV1dAORwaLhoA
hEyLPUbbAgXPexs0C2hkYPDgvHpuMG1dTu4Dba6oGFl0ggBEmrpAJg0i5GrzAky2
Gz+YO7QewETMwePp9Nle6PsYKl/NKUJCLEnNzBYDGiSOSThI76hFrMWj2FBIEPzL
w6TUFKAmcE/BP3gtdK6NL9nXJ6qmw2Ma7JPaLxpkrW6RHWCLXRyLYSOLKGeKxHEb
CTZCoL1Vi02sBbijYXMjSK/+R/Qno91SrLGtASKe5J9vFltrhpNV2A19kB9Q/Ng8
wOhEe+pw25igVI20Y5JN
=Fwns
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: