CVE-2018-20509

Name of the Vulnerable Software and Affected Versions: Linux kernel version 4.14.90

Description: The issue concerns the print binder ref olocked function in the Linux kernel, which allows local users to obtain sensitive address information. This is achieved by reading specific lines in a debugfs file, namely "ref *desc *node" lines.

Recommendations: For Linux kernel version 4.14.90, consider restricting access to the debugfs file to minimize the risk of exploitation. As a temporary workaround, limiting the ability of local users to read sensitive information from the debugfs file may help mitigate the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.