Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[(CR)][lihao24]ALPS03501288(For_lenovo6737m_35_n1_alps-mp-n1.mp1-V1_P81)
Patch Type: Customer Request CR ID: ALPS03501288 Severity: Description: [Patch Request] [PMS] LENOVO, Project: LENOVO6737M_35_N1, SW Version: alps-mp-n1.mp1-V1N/A Associated Files: device/lenovo/lenovo6737m_35_n1/ProjectConfig.mk vendor/lenovo/libs/libmtk-art-runtimed/arm/libmtk-art-runtimed.a vendor/lenovo/libs/libmtk-art-runtimed/x86/libmtk-art-runtimed.a vendor/lenovo/libs/libmtk-art-runtimed/x86_64/libmtk-art-runtimed.a Patch Type: Customer Request CR ID: ALPS03245552 Severity: Critical Description: Check in Cgen [[Title for Customer]] Fix 32 bits executable(Cgen) running on 64 bits file sys*** might cause overflow problem [Monster] Update 32 bits Cgen tool to support Large File St***ge on 64 bits file sys*** to solve potential file offset overflow problem. [[Problem Description]] While building code on a file sys*** which supports 2^64 files, it might get build error related to Cgen due to required files do not exist. But when checking those files manually, they are exist in codebase. [Monster] Since a 32 bits executable isn't able to open a file whose file offset is more than 32 bits, Cgen will fail to open the required file and cause build error when the required file’s offset overflow on a file sys*** which supports 2^64 files. [[Potential Impa*** of the solution]] No [[Modules to be verified after taking p***h]] No [[問題標題]] 修正32位可執行檔(Cgen)在支援64位的檔案系統可能出現溢位的問題 [Monster] 更新32位元版本Cgen tool以支援64位元機器上大文件儲存(LFS)解決可能出現的檔案溢位問題。 [[問題現象]] 在可支援2^64檔案系統的環境下build code,可能會發生問題與Cgen有關的build error。 錯誤訊息顯示需要的檔案不存在,但實際在環境下去檢查,檔案卻是存在的。 [Monster] 由於32位元可執行檔無法開啟檔案定址超過32位元, 當需要的檔案在64位元系統下其定址溢位,Cgen將開啟檔案失敗並導致build error。 [[解法可能帶來的影響]] (請填寫於此行下方,並描述如果合入這個p***h可能會有什麼trade off的改變,如perfo******e降低、UI改變等等) 無 [[建議驗證模塊]] (請填寫於此行下方,並建議客戶合了此p***h後要驗證哪些module或feature) 無N/A Associated Files: vendor/mediatek/proprietary/cgen/Cgen vendor/mediatek/proprietary/cgen/Cgen.exe Patch Type: Customer Request CR ID: ALPS03302988 Severity: Critical Description: [Buganizer]Security Vulnerability-Security Report - [*** 6797 Mvul] [[Title for Customer]] The Security Vulnerability of fingerpr*** of Microtrust TEEI. This p***h is only for reference. Please conta*** with Microtrust (BeanPod) to get la*** p***h. [[Problem Description]] Hack will atta***he io***l of fingerpr*** of Microtrust TEEI. [[Potential Impa*** of the solution]] N/A [[Modules to be verified after taking p***h]] The fingerpr*** of Microtrust TEEI. [[問題標題]] Microtrust TEEI 指紋功能有安全漏洞. 此解決方案僅供參考. 請聯絡豆莢獲取最新解決方案. [[問題現象]] 駭客可透過 io***l 方式攻擊 Microtrust TEEI 指紋功能. [[解法可能帶來的影響]] (請填寫於此行下方,並描述如果合入這個p***h可能會有什麼trade off的改變,如perfo******e降低、UI改變等等) N/A [[建議驗證模塊]] (請填寫於此行下方,並建議客戶合了此p***h後要驗證哪些module或feature) Microtrust TEEI 指紋功能.N/A Associated Files: (CR).18/drivers/misc/mediatek/teei/V1.0/teei_fp/fp_func.c Patch Type: Customer Request CR ID: ALPS03319097 Severity: Critical Description: [WW FT][MT6735][AN***D N][Webe][MALAYSIA][KUALA LUMPUR][VOLTE]DUT fall ba***o *** while disabling VoLTE [[Title for Customer]] DUT fall ba***o *** while disabling VoLTE [[Problem Description]] Disable VoLTE, but fall ba***o ***. [[Potential Impa*** of the solution]] ECC & Disconne*** PDN [[Modules to be verified after taking p***h]] ECC & Disable VoLTE [[問題標題]] 关闭VoLTE,手机回落到*** [[問題現象]] 关闭VoLTE,手机回落到*** [[解法可能帶來的影響]] (請填寫於此行下方,並描述如果合入這個p***h可能會有什麼trade off的改變,如perfo******e降低、UI改變等等) 最后一条PDN是ECC & 需要断掉所有PDN。 [[建議驗證模塊]] (請填寫於此行下方,並建議客戶合了此p***h後要驗證哪些module或feature) 最后一条PDN是ECC & 需要断掉所有PDN。N/A Associated Files: vendor/lenovo/libs/mtk-ril-prop-md1/arm/mtk-ril-prop-md1.a vendor/lenovo/libs/mtk-ril-prop-md2/arm/mtk-ril-prop-md2.a Patch Type: Customer Request CR ID: ALPS03361487 Severity: Critical Description: [Buganizer]Security Vulnerability 36274676 - A ***6753 driver bug(msdc_voltage_flag_StackOverflow) [[Title for Customer]] [Buganizer]Security Vulnerability 36274676 - A ***6753 driver bug(msdc_voltage_flag_StackOverflow) [[Problem Description]] [Buganizer]Security Vulnerability 36274676 - A ***6753 driver bug(msdc_voltage_flag_StackOverflow) [[Potential Impa*** of the solution]] N/A [[Modules to be verified after taking p***h]] N/A [[問題標題]] [Buganizer]Security Vulnerability 36274676 - A ***6753 driver bug(msdc_voltage_flag_StackOverflow) [[問題現象]] [Buganizer]Security Vulnerability 36274676 - A ***6753 driver bug(msdc_voltage_flag_StackOverflow) [[解法可能帶來的影響]] (請填寫於此行下方,並描述如果合入這個p***h可能會有什麼trade off的改變,如perfo******e降低、UI改變等等) N/A [[建議驗證模塊]] (請填寫於此行下方,並建議客戶合了此p***h後要驗證哪些module或feature) N/AN/A Associated Files: (CR).18/drivers/mmc/host/mediatek/mt6735/dbg.c Patch Type: Customer Request CR ID: ALPS03367450 Severity: Description: [***][MIKEY6T VZW][US][FT]最新版本驻不上LTE和IMS问题 [[Title for Customer]] Can't register Volte successfully [[Problem Description]] Unexpe*** eran_type when steup IMS data call [[Potential Impa*** of the solution]] N/A [[Modules to be verified after taking p***h]] Volte [[問題標題]] Volte無法註冊成功 [[問題現象]] I***tack收到不預期的rat type [[解法可能帶來的影響]] (請填寫於此行下方,並描述如果合入這個p***h可能會有什麼trade off的改變,如perfo******e降低、UI改變等等) N/A [[建議驗證模塊]] (請填寫於此行下方,並建議客戶合了此p***h後要驗證哪些module或feature) VolteN/A Associated Files: vendor/lenovo/libs/mtk-ril-prop-md1/arm/mtk-ril-prop-md1.a vendor/lenovo/libs/mtk-ril-prop-md2/arm/mtk-ril-prop-md2.a Patch Type: Customer Request CR ID: ALPS03400457 Severity: Critical Description: [Google Security P***h][(CR)-10661]EoP Vulnerability i***ile sys*** (Device Specific) [[Title for Customer]] [Google Security P***h][(CR)-10661]EoP Vulnerability i***ile sys*** (Device Specific) [[Problem Description]] [Google Security P***h][(CR)-10661]EoP Vulnerability i***ile sys*** (Device Specific) [[Potential Impa*** of the solution]] N/A [[Modules to be verified after taking p***h]] those module use timerfd [[問題標題]] [Google Security P***h][(CR)-10661]EoP Vulnerability i***ile sys*** (Device Specific) [[問題現象]] [Google Security P***h][(CR)-10661]EoP Vulnerability i***ile sys*** (Device Specific) [[解法可能帶來的影響]] (請填寫於此行下方,並描述如果合入這個p***h可能會有什麼trade off的改變,如perfo******e降低、UI改變等等) N/A [[建議驗證模塊]] (請填寫於此行下方,並建議客戶合了此p***h後要驗證哪些module或feature) those module use timerfdN/A Associated Files: (CR).18/fs/timerfd.c Patch Type: Customer Request CR ID: ALPS03400472 Severity: Critical Description: [Google Security P***h][(CR)-0742]EoP Vulnerability in Video driver (Device Specific) [[Title for Customer]] [Google Security P***h][(CR)-0742]EoP Vulnerability in Video driver (Device Specific) [[Problem Description]] [Google Security P***h][(CR)-0742]EoP Vulnerability in Video driver (Device Specific) [[Potential Impa*** of the solution]] N/A [[Modules to be verified after taking p***h]] N/A [[問題標題]] [Google Security P***h][(CR)-0742]EoP Vulnerability in Video driver (Device Specific) [[問題現象]] [Google Security P***h][(CR)-0742]EoP Vulnerability in Video driver (Device Specific) [[解法可能帶來的影響]] (請填寫於此行下方,並描述如果合入這個p***h可能會有什麼trade off的改變,如perfo******e降低、UI改變等等) N/A [[建議驗證模塊]] (請填寫於此行下方,並建議客戶合了此p***h後要驗證哪些module或feature) N/AN/A Associated Files: (CR).18/drivers/misc/mediatek/video/common/fbconfig_kdebug.c Patch Type: Customer Request CR ID: ALPS03449344 Severity: Critical Description: Fix GPS calibration issue [[Title for Customer]] Fix GPS can not read C0/C1 calibration data issue [[Problem Description]] For path incorre***, GPS cannot read C0/C1 calibration data [[Potential Impa*** of the solution]] no [[Modules to be verified after taking p***h]] GPS [[問題標題]] 修正GPS无法读取C0/C1校准数据的问题 [[問題現象]] 因为读取路径调整,GPS无法读取到C0/C1校准数据,导致首次定位时间较长 [[解法可能帶來的影響]] (請填寫於此行下方,並描述如果合入這個p***h可能會有什麼trade off的改變,如perfo******e降低、UI改變等等) 无 [[建議驗證模塊]] (請填寫於此行下方,並建議客戶合了此p***h後要驗證哪些module或feature) GPSN/A Associated Files: vendor/mediatek/proprietary/hardware/connectivity/gps/mtk_mnld/mnld_entity/src/gps_controller.c Patch Type: Customer Request CR ID: ALPS03464202 Severity: Critical Description: [Google Security P***h][(CR)-8890]RCE Vulnerability in Networking subsys*** (Device Specific) [[Title for Customer]] [Google Security P***h][(CR)-8890]RCE Vulnerability in Networking subsys*** (Device Specific) [[Problem Description]] [Google Security P***h][(CR)-8890]RCE Vulnerability in Networking subsys*** (Device Specific) [[Potential Impa*** of the solution]] None [[Modules to be verified after taking p***h]] None [[問題標題]] [Google Security P***h][(CR)-8890]RCE Vulnerability in Networking subsys*** (Device Specific) [[問題現象]] [Google Security P***h][(CR)-8890]RCE Vulnerability in Networking subsys*** (Device Specific) [[解法可能帶來的影響]] (請填寫於此行下方,並描述如果合入這個p***h可能會有什麼trade off的改變,如perfo******e降低、UI改變等等) None [[建議驗證模塊]] (請填寫於此行下方,並建議客戶合了此p***h後要驗證哪些module或feature) NoneN/A Associated Files: (CR).18/net/ipv4/inet_connection_sock.c Patch Type: Customer Request CR ID: ALPS03464205 Severity: Critical Description: [Google Security P***h][(CR)-9076]EoP Vulnerability in Networking subsys*** (Device Specific) [[Title for Customer]] [Google Security P***h][(CR)-9076]EoP Vulnerability in Networking subsys*** (Device Specific) [[Problem Description]] [Google Security P***h][(CR)-9076]EoP Vulnerability in Networking subsys*** (Device Specific) [[Potential Impa*** of the solution]] None [[Modules to be verified after taking p***h]] None [[問題標題]] [Google Security P***h][(CR)-9076]EoP Vulnerability in Networking subsys*** (Device Specific) [[問題現象]] [Google Security P***h][(CR)-9076]EoP Vulnerability in Networking subsys*** (Device Specific) [[解法可能帶來的影響]] (請填寫於此行下方,並描述如果合入這個p***h可能會有什麼trade off的改變,如perfo******e降低、UI改變等等) None [[建議驗證模塊]] (請填寫於此行下方,並建議客戶合了此p***h後要驗證哪些module或feature) NoneN/A Associated Files: (CR).18/net/dccp/ipv6.c (CR).18/net/ipv6/tcp_ipv6.c Patch Type: Customer Request CR ID: ALPS03464208 Severity: Critical Description: [Google Security P***h][(CR)-9150]ID Vulnerability in Linux kernel (Device Specific) [[Title for Customer]] [Google Security P***h][(CR)-9150]ID Vulnerability in Linux kernel (Device Specific) [[Problem Description]] The do_check fun***ion in kernel/bpf/verifier.c ***he Linux kernel before 4.11.1 does not make the allow_ptr_leaks value available for restri***ing the output of the pr***_bpf_ins***un***ion, which allows local users to obtain sensitive address i***o***atio***y crafted bpf sys*** calls. Note: no need for (CR).10 [[Potential Impa*** of the solution]] None [[Modules to be verified after taking p***h]] Do not need special ***, just boot up to home screen. [[問題標題]] [Google Security P***h][(CR)-9150]ID Vulnerability in Linux kernel (Device Specific) [[問題現象]] The do_check fun***ion in kernel/bpf/verifier.c ***he Linux kernel before 4.11.1 does not make the allow_ptr_leaks value available for restri***ing the output of the pr***_bpf_ins***un***ion, which allows local users to obtain sensitive address i***o***atio***y crafted bpf sys*** calls. Note: no need for (CR).10 [[解法可能帶來的影響]] (請填寫於此行下方,並描述如果合入這個p***h可能會有什麼trade off的改變,如perfo******e降低、UI改變等等) None [[建議驗證模塊]] (請填寫於此行下方,並建議客戶合了此p***h後要驗證哪些module或feature) Do not need special ***, just boot up to home screen.N/A Associated Files: (CR).18/kernel/bpf/verifier.c Patch Type: Customer Request CR ID: ALPS03464213 Severity: Critical Description: [Google Security P***h][(CR)-7487]EoP Vulnerability in IPX protocol driver (Device Specific) [[Title for Customer]] [Google Security P***h][(CR)-7487]EoP Vulnerability in IPX protocol driver (Device Specific) [[Problem Description]] [Google Security P***h][(CR)-7487]EoP Vulnerability in IPX protocol driver (Device Specific) [[Potential Impa*** of the solution]] None [[Modules to be verified after taking p***h]] None [[問題標題]] [Google Security P***h][(CR)-7487]EoP Vulnerability in IPX protocol driver (Device Specific) [[問題現象]] [Google Security P***h][(CR)-7487]EoP Vulnerability in IPX protocol driver (Device Specific) [[解法可能帶來的影響]] (請填寫於此行下方,並描述如果合入這個p***h可能會有什麼trade off的改變,如perfo******e降低、UI改變等等) None [[建議驗證模塊]] (請填寫於此行下方,並建議客戶合了此p***h後要驗證哪些module或feature) NoneN/A Associated Files: (CR).18/net/ipx/af_ipx.c Patch Type: Customer Request CR ID: ALPS03464220 Severity: Critical Description: [Google Security P***h][(CR)-6214]DoS Vulnerability in Networking subsys*** (Device Specific) [[Title for Customer]] [Google Security P***h][(CR)-6214]DoS Vulnerability in Networking subsys*** (Device Specific) [[Problem Description]] [Google Security P***h][(CR)-6214]DoS Vulnerability in Networking subsys*** (Device Specific) [[Potential Impa*** of the solution]] None [[Modules to be verified after taking p***h]] None [[問題標題]] [Google Security P***h][(CR)-6214]DoS Vulnerability in Networking subsys*** (Device Specific) [[問題現象]] [Google Security P***h][(CR)-6214]DoS Vulnerability in Networking subsys*** (Device Specific) [[解法可能帶來的影響]] (請填寫於此行下方,並描述如果合入這個p***h可能會有什麼trade off的改變,如perfo******e降低、UI改變等等) None [[建議驗證模塊]] (請填寫於此行下方,並建議客戶合了此p***h後要驗證哪些module或feature) NoneN/A Associated Files: (CR).18/net/ipv4/tcp.c Patch Type: Customer Request CR ID: ALPS03464221 Severity: Critical Description: [Google Security P***h][(CR)-6346]EoP Vulnerability in Linux kernel (Device Specific) [[Title for Customer]] [Google Security P***h][(CR)-6346]EoP Vulnerability in Linux kernel (Device Specific) [[Problem Description]] [Google Security P***h][(CR)-6346]EoP Vulnerability in Linux kernel (Device Specific) [[Potential Impa*** of the solution]] None [[Modules to be verified after taking p***h]] None [[問題標題]] [Google Security P***h][(CR)-6346]EoP Vulnerability in Linux kernel (Device Specific) [[問題現象]] [Google Security P***h][(CR)-6346]EoP Vulnerability in Linux kernel (Device Specific) [[解法可能帶來的影響]] (請填寫於此行下方,並描述如果合入這個p***h可能會有什麼trade off的改變,如perfo******e降低、UI改變等等) None [[建議驗證模塊]] (請填寫於此行下方,並建議客戶合了此p***h後要驗證哪些module或feature) NoneN/A Associated Files: (CR).18/net/packet/af_packet.c Patch Type: Customer Request CR ID: ALPS03464224 Severity: Critical Description: [Google Security P***h][(CR)-5897]ID Vulnerability in Networking subsys*** (Device Specific) [[Title for Customer]] [Google Security P***h][(CR)-5897]ID Vulnerability in Networking subsys*** (Device Specific) [[Problem Description]] [Google Security P***h][(CR)-5897]ID Vulnerability in Networking subsys*** (Device Specific) [[Potential Impa*** of the solution]] None [[Modules to be verified after taking p***h]] None [[問題標題]] [Google Security P***h][(CR)-5897]ID Vulnerability in Networking subsys*** (Device Specific) [[問題現象]] [Google Security P***h][(CR)-5897]ID Vulnerability in Networking subsys*** (Device Specific) [[解法可能帶來的影響]] (請填寫於此行下方,並描述如果合入這個p***h可能會有什麼trade off的改變,如perfo******e降低、UI改變等等) None [[建議驗證模塊]] (請填寫於此行下方,並建議客戶合了此p***h後要驗證哪些module或feature) NoneN/A Associated Files: (CR).18/net/ipv6/ip6_gre.c Patch Type: Customer Request CR ID: ALPS03464225 Severity: Critical Description: [Google Security P***h][(CR)-7495]ID Vulnerability i***ile sys*** (Device Specific) [[Title for Customer]] [Google Security P***h][(CR)-7495]ID Vulnerability i***ile sys*** (Device Specific) [[Problem Description]] [Google Security P***h][(CR)-7495]ID Vulnerability i***ile sys*** (Device Specific) [[Potential Impa*** of the solution]] None [[Modules to be verified after taking p***h]] None [[問題標題]] [Google Security P***h][(CR)-7495]ID Vulnerability i***ile sys*** (Device Specific) [[問題現象]] [Google Security P***h][(CR)-7495]ID Vulnerability i***ile sys*** (Device Specific) [[解法可能帶來的影響]] (請填寫於此行下方,並描述如果合入這個p***h可能會有什麼trade off的改變,如perfo******e降低、UI改變等等) None [[建議驗證模塊]] (請填寫於此行下方,並建議客戶合了此p***h後要驗證哪些module或feature) NoneN/A Associated Files: (CR).18/fs/ext4/inode.c Patch Type: Customer Request CR ID: ALPS03464227 Severity: Critical Description: [Google Security P***h][(CR)-7616]ID Vulnerability in Linux kernel (Device Specific) [[Title for Customer]] [Google Security P***h][(CR)-7616]ID Vulnerability in Linux kernel (Device Specific) [[Problem Description]] [Google Security P***h][(CR)-7616]ID Vulnerability in Linux kernel (Device Specific) [[Potential Impa*** of the solution]] None [[Modules to be verified after taking p***h]] None [[問題標題]] [Google Security P***h][(CR)-7616]ID Vulnerability in Linux kernel (Device Specific) [[問題現象]] [Google Security P***h][(CR)-7616]ID Vulnerability in Linux kernel (Device Specific) [[解法可能帶來的影響]] (請填寫於此行下方,並描述如果合入這個p***h可能會有什麼trade off的改變,如perfo******e降低、UI改變等等) None [[建議驗證模塊]] (請填寫於此行下方,並建議客戶合了此p***h後要驗證哪些module或feature) NoneN/A Associated Files: (CR).18/mm/mempolicy.c Patch Type: Customer Request CR ID: ALPS03464230 Severity: Critical Description: [Google Security P***h][(CR)-12146]EoP Vulnerability in Linux kernel (Device Specific) [[Title for Customer]] [Google Security P***h][(CR)-12146]EoP Vulnerability in Linux kernel (Device Specific) [[Problem Description]] [Google Security P***h][(CR)-12146]EoP Vulnerability in Linux kernel (Device Specific) [[Potential Impa*** of the solution]] None [[Modules to be verified after taking p***h]] None [[問題標題]] [Google Security P***h][(CR)-12146]EoP Vulnerability in Linux kernel (Device Specific) [[問題現象]] [Google Security P***h][(CR)-12146]EoP Vulnerability in Linux kernel (Device Specific) [[解法可能帶來的影響]] (請填寫於此行下方,並描述如果合入這個p***h可能會有什麼trade off的改變,如perfo******e降低、UI改變等等) None [[建議驗證模塊]] (請填寫於此行下方,並建議客戶合了此p***h後要驗證哪些module或feature) NoneN/A Associated Files: (CR).18/drivers/base/platform.c Change-Id: I7b5a9f62bfcb67d165fef26b5ac33d7b7ba19bbc
- Loading branch information