mirror of
git://git.yoctoproject.org/poky
synced 2026-04-02 02:49:11 +00:00
6e1ca0e922
In append_to_verify_fifo_interleaved_ of stream_encoder.c, there is
a possible out of bounds write due to a missing bounds check. This
could lead to local information disclosure with no additional
execution privileges needed. User interaction is not needed for
exploitation.Product: AndroidVersions: Android-11Android ID: A-174302683
References:
https://nvd.nist.gov/vuln/detail/CVE-2021-0561
Upstream patches:
e1575e4a7c
(From OE-Core rev: 76d5c8d876f78d86e755c12360d41e40154eca0b)
Signed-off-by: Li Wang <li.wang@windriver.com>
Signed-off-by: Joe Slater <joe.slater@windriver.com>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>