Imagination Technologies driver for Chrome OS Integer Overflow or Wraparound Vulnerability

Summary

The Imagination Technologies driver for Chrome OS before R74-11895.B, R75 before R75-12105.B, and R76 before R76-12208.0.0 allows attackers to trigger an Integer Overflow and gain privileges via a malicious application.

Credit:

The information has been provided by Vendor

The original article can be found at: https://bugs.chromium.org/p/chromium/issues/detail?id=960106


Details

This occurs because of intentional access for the GPU process to /dev/dri/card1 and the PowerVR ioctl handler, as demonstrated by PVRSRVBridgeSyncPrimOpCreate.

Vulnerable Systems:

Chrome OS before R74-11895.B, R75 before R75-12105.B, and

Chrome OS R76 before R76-12208.0.0

CVE Information:

CVE-2019-16508

Disclosure Timeline:
Published Date:
10/01/2019