CVE-2018-20510

Name of the Vulnerable Software and Affected Versions: Linux kernel version 4.14.90

Description: The issue allows local users to obtain sensitive address information by reading specific lines in a debugfs file. This is due to a problem in the print binder transaction ilocked function in drivers/android/binder.c.

Recommendations: For Linux kernel version 4.14.90, consider restricting access to the debugfs file to minimize the risk of exploitation. As a temporary workaround, limiting read access to the debugfs file may help mitigate the issue until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.