commit | 4afa485f96571c751e4295b92effc95328c22b8b | [log] [tgz] |
---|---|---|
author | David Chu <david.chu@mediatek.com> | Mon Aug 06 17:58:30 2018 -0700 |
committer | Ben Fennema <fennema@google.com> | Thu Aug 16 15:51:53 2018 -0700 |
tree | 3b004bc17c18fc68ecc079fafb3053c5488487f0 | |
parent | f06e9a0a06f3bea41be2e5281d9b019786c4d1fe [diff] |
Security Patch: fix ioctl vulnerability for WMT_IOCTL_SET_PATCH_INFO [Detail] If dowloadSeq is 0, it'll pass the error handle and cause KE issue. [Solution] Add condition that downloadSeq can not equal to zero. CVE-2018-9397 Change-Id: I68a2d501c873c4d665634893066b6c0f03e1537c Signed-off-by: Ben Fennema <fennema@google.com>