Security - 4.2 0002 - futex (aka towelroot) vulnerability - CVE-2014-3153
Added by My Self almost 10 years ago
I've checked, that Replicant is vulnerable to CVE-2014-3153:
http://zomo.herokuapp.com/blog/2014/06/21/pinkie-pies-cve-2014-3153
Explicit CM patch pointers, (for android_kernel_samsung_exynos5410 / CM 11.0 if this matters):
https://github.com/CyanogenMod/android_kernel_samsung_exynos5410/commit/89bc203bad3b921c6a38a6651b3b46809787d654
Don't know if these further patches make sense in this context, too:
https://github.com/CyanogenMod/android_kernel_samsung_exynos5410/commit/69e8fe3662e77dd22496314307523c5cd91739e8
https://github.com/CyanogenMod/android_kernel_samsung_exynos5410/commit/5013b860800a0648b996f0a42a5c6aaba03ad06c
https://github.com/CyanogenMod/android_kernel_samsung_exynos5410/commit/11cf6decfdf6b09479caa5b371d32eb5d1b311f2
https://github.com/CyanogenMod/android_kernel_samsung_exynos5410/commit/62a1297de30048e88046348c187613e186580c4a
https://github.com/CyanogenMod/android_kernel_samsung_exynos5410/commit/1e1a82e907b5b9d78b57f0f9576ff46689731ae2
Hope Replicant closes that security issue ASAP.
Thanks in advance for any support.
Replies (1)
RE: Security - 4.2 0002 - futex (aka towelroot) vulnerability - CVE-2014-3153 - Added by Paul Kocialkowski almost 10 years ago
Thanks for opening tickets about this, I'll merge the patches before making a new set of Replicant images.