PT-2018-17225 · Linux · Linux Kernel

Published

2018-07-06

Updated

2019-10-03

CVE-2018-5897

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions: linux kernel versions prior to security patch level 2018-06-05

Description: The issue arises from a buffer over-read problem in the dci process ctrl status() function when reading data from a buffer, potentially caused by incorrect length checking. This problem is present in Android releases from CAF using the linux kernel, including Android for MSM, Firefox OS for MSM, and QRD Android.

Recommendations: For versions prior to the security patch level 2018-06-05, update to a version that includes the security patch level 2018-06-05 or later to resolve the issue.

Fix

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

CVE-2018-5897

Affected Products

Linux Kernel

PT-2018-17225 · Linux · Linux Kernel

CVE-2018-5897

Weakness Enumeration

Related Identifiers

Affected Products

References · 2