CVE-2018-11020

Name of the Vulnerable Software and Affected Versions Fire OS version 4.5.5.3

Description The issue allows attackers to inject a crafted argument via the argument of an ioctl on device file "/dev/rpmsg-omx1" with the command 3221772291, and cause a kernel crash. This is due to a flaw in the kernel component, specifically in the file 'kernel/omap/drivers/rpmsg/rpmsg omx.c'.

Recommendations For Fire OS version 4.5.5.3, as a temporary workaround, consider restricting access to the "/dev/rpmsg-omx1" device file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.