CVE-2018-9516

State: PUBLISHED · Published: 2018-11-06 · Updated: 2024-09-16 · Assigner: google_android

Description

In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-71361580.

CWE

(none)

Affected

Google Inc. / Android — v=Android kernel [affected]

CVSS

(none)

References

https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html mailing-list, x_refsource_MLIST
https://usn.ubuntu.com/3871-5/ vendor-advisory, x_refsource_UBUNTU
https://usn.ubuntu.com/3871-4/ vendor-advisory, x_refsource_UBUNTU
https://source.android.com/security/bulletin/pixel/2018-09-01 x_refsource_CONFIRM
https://www.debian.org/security/2018/dsa-4308 vendor-advisory, x_refsource_DEBIAN
https://usn.ubuntu.com/3871-1/ vendor-advisory, x_refsource_UBUNTU
https://usn.ubuntu.com/3871-3/ vendor-advisory, x_refsource_UBUNTU
https://access.redhat.com/errata/RHSA-2019:2043 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2019:2029 vendor-advisory, x_refsource_REDHAT

Source

cvelistV5-main/cves/2018/9xxx/CVE-2018-9516.json