Published: 06/11/2018 Updated: 06/08/2019

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 641

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-71361580.

Vulnerable Product	Search on Vulmon	Subscribe to Product
google android -
debian debian linux 8.0
debian debian linux 9.0
canonical ubuntu linux 14.04
canonical ubuntu linux 16.04
canonical ubuntu linux 18.04

Synopsis Important: kernel-rt security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel-rt is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (C ...

Synopsis Important: kernel security, bug fix, and enhancement update Type/Severity Security Advisory: Important Topic An update for kernel is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring S ...

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2018-6554 A memory leak in the irda_bind function in the irda subsystem was discovered A local user can take advantage of this flaw to cause a denial of service (memory consumption) CVE ...

Multiple regressions were fixed in the Linux kernel ...

Several security issues were fixed in the Linux kernel ...

A flaw was found in the Linux kernel in the hid_debug_events_read() function in the drivers/hid/hid-debugc file A lack of the certain checks may allow a privileged user ("root") to achieve an out-of-bounds write and thus receiving user space buffer corruption (CVE-2018-9516) ...

A flaw was found in the Linux kernel in the hid_debug_events_read() function in the drivers/hid/hid-debugc file A lack of the certain checks may allow a privileged user ("root") to achieve an out-of-bounds write and thus receiving user space buffer corruption(CVE-2018-9516) Note: The Release Date is incorrect This CVE was fixed July 2018 ...

A flaw was found in the Linux kernel in the hid_debug_events_read() function in the drivers/hid/hid-debugc file A lack of the certain checks may allow a privileged user ("root") to achieve an out-of-bounds write and thus receiving userspace buffer corruption ...

CWE-787 https://source.android.com/security/bulletin/pixel/2018-09-01 https://www.debian.org/security/2018/dsa-4308 https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html https://usn.ubuntu.com/3871-1/https://usn.ubuntu.com/3871-4/https://usn.ubuntu.com/3871-3/https://usn.ubuntu.com/3871-5/https://access.redhat.com/errata/RHSA-2019:2043 https://access.redhat.com/errata/RHSA-2019:2029 https://access.redhat.com/errata/RHSA-2019:2043 https://nvd.nist.gov https://usn.ubuntu.com/3871-2/https://www.debian.org/security/./dsa-4308

CVE-2018-9516

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect