3 matches found
CVE-2020-0232
Function abcpcieissuedmaxfersync creates a transfer object, adds it to the session object then continues to work with it. A concurrent thread could retrieve created transfer object from the session object and delete it using abcpciedmauserxferclean. If this happens, abcpciestartdmaxfer and...
CVE-2020-0232
CVE-2020-0232 is reported in the Android kernel (Airbrush component). The issue arises when abc_pcie_issue_dma_xfer_sync creates a transfer object, stores it in a session, and a concurrent thread can fetch that object and delete it via abc_pcie_dma_user_xfer_clean. If this occurs, the original th...
CVE-2020-0232
Function abcpcieissuedmaxfersync creates a transfer object, adds it to the session object then continues to work with it. A concurrent thread could retrieve created transfer object from the session object and delete it using abcpciedmauserxferclean. If this happens, abcpciestartdmaxfer and...