PT-2019-14677 · Google+1 · Chrome Os+1
Publicado
2019-10-01
·
Atualizado
2019-10-08
·
CVE-2019-16508
CVSS v2.0
9.3
Alta
| Vetor | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Imagination Technologies driver for Chrome OS versions prior to R74-11895.B
Imagination Technologies driver for Chrome OS versions prior to R75-12105.B
Imagination Technologies driver for Chrome OS versions prior to R76-12208.0.0
Description
The issue allows attackers to trigger an Integer Overflow and gain privileges via a malicious application. This occurs because of intentional access for the GPU process to /dev/dri/card1 and the PowerVR ioctl handler.
Recommendations
For versions prior to R74-11895.B, update to R74-11895.B or later.
For versions prior to R75-12105.B, update to R75-12105.B or later.
For versions prior to R76-12208.0.0, update to R76-12208.0.0 or later.
Exploit
Correção
Integer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Chrome Os
Imagination Technologies Driver