Your submission was sent successfully! Close

CVE-2014-4323

Published: 12 December 2014

The mdp_lut_hw_update function in drivers/video/msm/mdp.c in the MDP display driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not validate certain start and length values within an ioctl call, which allows attackers to gain privileges via a crafted application.

Priority

High

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(Android-specific)
Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable
(Android-specific)
Patches:
Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Fixed by 014fa8def84c62893fa016e873c12de1da498603
linux-armadaxp
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(Android-specific)
This package is not directly supported by the Ubuntu Security Team
linux-aws
Launchpad, Ubuntu, Debian
Upstream Needed

Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable
(Android-specific)
linux-azure
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(Android-specific)
Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable
(Android-specific)
linux-azure-edge
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(Android-specific)
Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable
(Android-specific)
linux-ec2
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(Android-specific)
linux-euclid
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(Android-specific)
Ubuntu 18.04 LTS (Bionic Beaver) Does not exist

linux-flo
Launchpad, Ubuntu, Debian
Upstream Needed

linux-fsl-imx51
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(Android-specific)
linux-gcp
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(Android-specific)
Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable
(Android-specific)
linux-gke
Launchpad, Ubuntu, Debian
Upstream Needed

linux-goldfish
Launchpad, Ubuntu, Debian
Upstream Needed

linux-grouper
Launchpad, Ubuntu, Debian
Upstream Needed

linux-hwe
Launchpad, Ubuntu, Debian
Upstream Needed

linux-hwe-edge
Launchpad, Ubuntu, Debian
Upstream Needed

Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable
(Android-specific)
linux-kvm
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(Android-specific)
Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable
(Android-specific)
linux-linaro-omap
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(Android-specific)
linux-linaro-shared
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(Android-specific)
linux-linaro-vexpress
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(Android-specific)
linux-lts-quantal
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(Android-specific)
This package is not directly supported by the Ubuntu Security Team
linux-lts-raring
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(Android-specific)
linux-lts-saucy
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(Android-specific)
This package is not directly supported by the Ubuntu Security Team
linux-lts-trusty
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(Android-specific)
linux-lts-utopic
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(Android-specific)
linux-lts-vivid
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(Android-specific)
linux-lts-wily
Launchpad, Ubuntu, Debian
Upstream Needed

linux-lts-xenial
Launchpad, Ubuntu, Debian
Upstream Needed

linux-maguro
Launchpad, Ubuntu, Debian
Upstream Needed

linux-mako
Launchpad, Ubuntu, Debian
Upstream Needed

linux-manta
Launchpad, Ubuntu, Debian
Upstream Needed

linux-mvl-dove
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(Android-specific)
linux-oem
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(Android-specific)
Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable
(Android-specific)
linux-qcm-msm
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(Android-specific)
linux-raspi2
Launchpad, Ubuntu, Debian
Upstream Needed

Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable
(Android-specific)
linux-snapdragon
Launchpad, Ubuntu, Debian
Upstream Needed

linux-ti-omap4
Launchpad, Ubuntu, Debian
Upstream Not vulnerable
(Android-specific)

Notes

AuthorNote
jdstrand
android kernels (flo, goldfish, grouper, maguro, mako and manta) are
not supported on the Ubuntu Touch 14.04 preview kernels
linux-lts-saucy no longer receives official support
linux-lts-quantal no longer receives official support

References

Bugs