PT-2018-17218 · Linux · Linux Kernel

Published

2018-07-06

Updated

2019-10-03

CVE-2018-5890

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to security patch level 2018-06-05

Description: The issue concerns a bypass of an error check for a valid device tree in Android releases using the Linux kernel. This occurs when the fdt totalsize is reported as 0 for the current device tree. The problem affects Android for MSM, Firefox OS for MSM, and QRD Android.

Recommendations: For versions prior to the security patch level 2018-06-05, apply the security patch to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2018-5890

Affected Products

Linux Kernel

PT-2018-17218 · Linux · Linux Kernel

CVE-2018-5890

Related Identifiers

Affected Products

References · 3