3 matches found
FreeBSD Security Advisory - FreeBSD-SA-26:34.vt
FreeBSD Security Advisory - The CONSHISTORY ioctl handler did not adequately validate the requested history size. A large value caused an integer overflow in the buffer size calculation, resulting in a heap allocation smaller than expected. Subsequent initialization of the buffer wrote beyond the...
Qualcomm Qualcomm Camera Driver Resource Management Error Vulnerability
Qualcomm Camera Driver is a camera driver from Qualcomm Incorporated USA. A resource management error vulnerability exists in Qualcomm Camera Driver that stems from incorrectly setting the ioctl command size to the size of a pointer and not allocating enough storage for a copy of the user...
CVE-2016-2502
drivers/usb/gadget/fserial.c in the Qualcomm USB driver in Android before 2016-07-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a large size in a GSERIOCTL ioctl call, aka Android internal bug 27657963 and Qualcomm internal bug CR997044...