Surprisingly, Veo found the bug (CVE-2017-13811) while searching for bugs in Android's source code. The fsck_msdos utility is shared by many *NIX-based operating systems, such as Linux, Android, and BSD-based systems. Veo said he reached out to other vendors but none except the Android team have responded. Android maintainers said they don't plan to fix the issue because "fsck_msdos runs under a very restricted SELinux domain," and it wouldn't be able to do any damage.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |