CVE-2018-5897

Name of the Vulnerable Software and Affected Versions: linux kernel versions prior to security patch level 2018-06-05

Description: The issue arises from a buffer over-read problem in the dci process ctrl status() function when reading data from a buffer, potentially caused by incorrect length checking. This problem is present in Android releases from CAF using the linux kernel, including Android for MSM, Firefox OS for MSM, and QRD Android.

Recommendations: For versions prior to the security patch level 2018-06-05, update to a version that includes the security patch level 2018-06-05 or later to resolve the issue.