Skip to content
Snippets Groups Projects
Commit 4f32dd96 authored by Allen Huang's avatar Allen Huang Committed by Carol_Jiang
Browse files

anthias: security: CVE-2016-3843 (ANDROID-29119870)

Elevation of privilege vulnerability in kernel performance subsystem
CVE	Reference	Severity	Updated AOSP versions
	Date reported
CVE-2016-3843	ANDROID-29119870	High	6.0, 6.1
	Google internal

Elevation of privilege vulnerabilities in the kernel performance
subsystem could enable a local malicious application to execute
arbitrary code within the context of the kernel. This issue is rated as
High because of the kernel attack surface available for attackers to
exploit.
Note: This is a platform level update designed to mitigate a class of vulnerabilities such as CVE-2016-3843 (ANDROID-28086229).
Kernel patches for versions 3.4, 3.10 and 3.18 are required in addition
to the AOSP patches. A code snippet for the kernel patch is provided in
the bulletin patches zip file on Google Drive.
Additional technical details:
Bug	Details
ANDROID-29119870	The kernel performance subsystem is intended for
developers and should not be exposed by default on production builds.
...
parent 59df12f8
No related branches found
No related tags found
No related merge requests found
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment