Fix "Elevation of privilege vulnerability in MediaTek video driver"

CVE-2016-3936, CVE-2016-3937

An elevation of privilege vulnerability in the MediaTek video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process.

1 files changed, 0 insertions, 23 deletions

diff --git a/drivers/misc/mediatek/videox/mt6735/debug.c b/drivers/misc/mediatek/videox/mt6735/debug.c
index a913e1734..8d57dce76 100644
--- a/drivers/misc/mediatek/videox/mt6735/debug.c
+++ b/drivers/misc/mediatek/videox/mt6735/debug.c
@@ -970,29 +970,6 @@ else if (0 == strncmp(opt, "ata",3))
         	gTriggerDispMode=simple_strtoul(p, &p, 10);
         	DISPMSG("DDP: gTriggerDispMode=%d\n", gTriggerDispMode);    
     	}
-	    else if (0 == strncmp(opt, "regw:", 5))
-    {
-        char *p = (char *)opt + 5;
-        unsigned long addr = simple_strtoul(p, &p, 16);
-        unsigned long val  = simple_strtoul(p + 1, &p, 16);
-
-        if (addr) {
-            OUTREG32(addr, val);
-        } else {
-            return;
-        }
-    }
-    else if (0 == strncmp(opt, "regr:", 5))
-    {
-        char *p = (char *)opt + 5;
-        unsigned long addr = (unsigned int) simple_strtoul(p, &p, 16);
-
-        if (addr) {
-            printk("Read register 0x%lx: 0x%08x\n", addr, INREG32(addr));
-        } else {
-           return;
-        }
-    }
     else if (0 == strncmp(opt, "cmmva_dprec", 11))
     {
 		dprec_handle_option(0x7);