Project

General

Profile

Issue #1251

GraphicBuffer overflow vulnerability - CVE-2015-1474

Added by My Self about 6 years ago. Updated over 5 years ago.

Status:
Closed
Priority:
High
Assignee:
Category:
Security
Target version:
Start date:
03/30/2015
Due date:
% Done:

100%

Estimated time:
Resolution:
fixed
Device:
Grant:
Type of work:

Description

I've checked, that Replicant is vulnerable to the GraphicBuffer overflow (bug: 18076253), registered as CVE-2015-1474.
More informations: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1474

Solution/Patch
Android diff: https://android.googlesource.com/platform/frameworks/native/+/38803268570f90e97452cd9a30ac831661829091


Files

CVE-2015-1474.patch (2.01 KB) CVE-2015-1474.patch My Self, 08/26/2015 11:34 AM
#1

Updated by My Self about 6 years ago

#2

Updated by My Self almost 6 years ago

  • File CVE-2015-1474.patch added

I decided to attach the patch listed above, (and tested with the current Replicant 4.2 sources) on this ticket.
After flashing the patched Replicant, I've tested my productive device several months without any misbehavior.

@everyone: please review the patch and apply it if you like.

#3

Updated by My Self over 5 years ago

  • % Done changed from 0 to 100
#4

Updated by My Self over 5 years ago

  • File deleted (CVE-2015-1474.patch)
#6

Updated by Paul Kocialkowski over 5 years ago

  • Status changed from New to Closed
  • Resolution set to fixed

Merged, thanks a lot!

Also available in: Atom PDF