CVE-2014-9892 -- linux-imageID: oval:org.secpod.oval:def:2001798 | Date: (C)2020-09-23 (M)2021-06-02 |
Class: VULNERABILITY | Family: unix |
The snd_compr_tstamp function in sound/core/compress_offload.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 devices, does not properly initialize a timestamp data structure, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug 28770164 and Qualcomm internal bug CR568717.
Platform: |
Debian 10.x |
Debian 9.x |
Product: |
linux-image-4.9 |
linux-image-4.19 |