CVE-2014-9892

2016-08-06T10:59:00
ID CVE-2014-9892
Type cve
Reporter cve@mitre.org
Modified 2016-11-28T19:15:00

Description

The snd_compr_tstamp function in sound/core/compress_offload.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly initialize a timestamp data structure, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28770164 and Qualcomm internal bug CR568717.