Code injection

The printbindertransactionilocked function in drivers/android/binder.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "from code flags" lines in a debugfs file...

UBUNTU-CVE-2018-20509

The printbinderrefolocked function in drivers/android/binder.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading " ref desc node" lines in a debugfs file...

CVE-2018-20510

The printbindertransactionilocked function in drivers/android/binder.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "from code flags" lines in a debugfs file...

CVE-2018-20510

CVE-2018-20510 affects the Linux kernel 4.14.90, where the print_binder_transaction_ilocked function in drivers/android/binder.c can allow a local user to read sensitive address information from a debugfs file by exploiting the *from *code *flags lines. Connected Nessus advisories reiter this exa...

CVE-2018-20510

The printbindertransactionilocked function in drivers/android/binder.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "from code flags" lines in a debugfs file...

CVE-2018-20509

CVE-2018-20509 affects the Linux kernel 4.14.90, specifically the function print_binder_ref_olocked in drivers/android/binder.c. Local users can read lines like “ref *desc *node” in a debugfs file to obtain sensitive address information. Exploitation details are not provided in the connected docu...

CVE-2018-20509

The printbinderrefolocked function in drivers/android/binder.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading " ref desc node" lines in a debugfs file...

CVE-2018-20449

The hidmachanstats function in the drivers/dma/qcom/hidmadbg.c file in the Linux kernel allows local users to obtain sensitive address information by reading "callback=" lines in a debugfs file. By default, the debugfs filesystem access is restricted so only a privileged user can access it...

Design/Logic Flaw

The hidmachanstats function in drivers/dma/qcom/hidmadbg.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "callback=" lines in a debugfs file...

CVE-2018-20449

The hidmachanstats function in drivers/dma/qcom/hidmadbg.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "callback=" lines in a debugfs file...

UBUNTU-CVE-2018-20449

The hidmachanstats function in drivers/dma/qcom/hidmadbg.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "callback=" lines in a debugfs file...

CVE-2018-20449

The hidmachanstats function in drivers/dma/qcom/hidmadbg.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "callback=" lines in a debugfs file...

DEBIAN-CVE-2018-20449

The hidmachanstats function in drivers/dma/qcom/hidmadbg.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "callback=" lines in a debugfs file...

CVE-2018-20449

The hidmachanstats function in drivers/dma/qcom/hidmadbg.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "callback=" lines in a debugfs file...

CVE-2018-20449

CVE-2018-20449 affects the Linux kernel 4.14.90, specifically the hidma_chan_stats function in drivers/dma/qcom/hidma_dbg.c. It allows local users to obtain sensitive address information by reading callback= lines in a debugfs file. The issue is evidenced across multiple feeds (NVD, Red Hat, SUSE...

CVE-2018-13913

Improper validation of array index can lead to unauthorized access while processing debugFS in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in version MDM9150, MDM9206, MDM9607, MDM9640,...

Input validation

Improper validation of array index can lead to unauthorized access while processing debugFS in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in version MDM9150, MDM9206, MDM9607, MDM9640,...

CVE-2019-9112

The msm gpu driver for custom Linux kernels on the Xiaomi perseus-p-oss MIX 3 device through 2018-11-26 has an integer overflow and OOPS because of missing checks of the count argument in sdedebugfsconncmdtxwrite in drivers/gpu/drm/msm/sde/sdeconnector.c. This is exploitable for a device crash vi...

Ubuntu 18.04 LTS : Linux kernel (AWS, GCP, KVM, OEM, Raspberry Pi 2) vulnerabilities (USN-3871-3)

The remote Ubuntu 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3871-3 advisory. Wen Xu discovered that a use-after-free vulnerability existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to...

Ubuntu 16.04 LTS : Linux kernel (HWE) vulnerabilities (USN-3871-4)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3871-4 advisory. USN-3871-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enableme...