maemo.org - Talk - Serious security vulnerability found in Qualcomm closed GPU driver

maemo.org - Talk (https://talk.maemo.org/index.php)

- Jolla1 & TOH (https://talk.maemo.org/forumdisplay.php?f=56)

- - Serious security vulnerability found in Qualcomm closed GPU driver (https://talk.maemo.org/showthread.php?t=93381)

Serious security vulnerability found in Qualcomm closed GPU driver

Re: Serious security vulnerability found in Qualcomm closed GPU driver

Quote:

Originally Posted by shmerl (Post 1430809)

* http://bloggingthemonkey.blogspot.ru...root-hole.html
* https://www.codeaurora.org/projects/...table-cve-2014

Is Jolla affected?

Since there is no mentioning which SoC's the vulnerability is present I assume it is present on all curret Snapdragon chipsets.
Hence, yes, Jolla is probably also affected.

Re: Serious security vulnerability found in Qualcomm closed GPU driver

Quote:

Originally Posted by juiceme (Post 1430820)

Since there is no mentioning which SoC's the vulnerability is present I assume it is present on all curret Snapdragon chipsets.
Hence, yes, Jolla is probably also affected.

Hmm, perhaps, it seems related heavily to the graphics driver on Android. But, given the nature, the driver in SailfishOS might just be vulnerable aswell.
Seems to be patches available already, so hopefully Jolla is watching this ;)

EDIT: Yep!
Someone needs to patch this
https://github.com/KonstaT/sailfisho...msm/kgsl_mmu.c

with this patch
https://www.codeaurora.org/cgit/quic...43b707a9678580

and, patch this
https://github.com/KonstaT/sailfisho...u/msm/adreno.c

with this patch
https://www.codeaurora.org/cgit/quic...270d4cf26102bc

Re: Serious security vulnerability found in Qualcomm closed GPU driver

Coming update 9 should have the patches for sure. They could already have been distributed with the earlier update but I am not 100% sure (the patches went in the internal kernel tree the same day this thread was started)