CVE-2018-9516 - In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to

CVE-2018-9516

Summary

In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-71361580.

References

Vulnerable Configurations

cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

CVSS

Base:	7.2 (as of 06-08-2019 - 17:15)
Impact:
Exploitability:

CWE

CWE-787

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:L/Au:N/C:C/I:C/A:C

redhat via4

advisories

rhsa
id RHSA-2019:2029
rhsa
id RHSA-2019:2043

rpms

bpftool-0:3.10.0-1062.el7
bpftool-debuginfo-0:3.10.0-1062.el7
kernel-0:3.10.0-1062.el7
kernel-abi-whitelists-0:3.10.0-1062.el7
kernel-bootwrapper-0:3.10.0-1062.el7
kernel-debug-0:3.10.0-1062.el7
kernel-debug-debuginfo-0:3.10.0-1062.el7
kernel-debug-devel-0:3.10.0-1062.el7
kernel-debuginfo-0:3.10.0-1062.el7
kernel-debuginfo-common-ppc64-0:3.10.0-1062.el7
kernel-debuginfo-common-ppc64le-0:3.10.0-1062.el7
kernel-debuginfo-common-s390x-0:3.10.0-1062.el7
kernel-debuginfo-common-x86_64-0:3.10.0-1062.el7
kernel-devel-0:3.10.0-1062.el7
kernel-doc-0:3.10.0-1062.el7
kernel-headers-0:3.10.0-1062.el7
kernel-kdump-0:3.10.0-1062.el7
kernel-kdump-debuginfo-0:3.10.0-1062.el7
kernel-kdump-devel-0:3.10.0-1062.el7
kernel-tools-0:3.10.0-1062.el7
kernel-tools-debuginfo-0:3.10.0-1062.el7
kernel-tools-libs-0:3.10.0-1062.el7
kernel-tools-libs-devel-0:3.10.0-1062.el7
perf-0:3.10.0-1062.el7
perf-debuginfo-0:3.10.0-1062.el7
python-perf-0:3.10.0-1062.el7
python-perf-debuginfo-0:3.10.0-1062.el7
kernel-rt-0:3.10.0-1062.rt56.1022.el7
kernel-rt-debug-0:3.10.0-1062.rt56.1022.el7
kernel-rt-debug-debuginfo-0:3.10.0-1062.rt56.1022.el7
kernel-rt-debug-devel-0:3.10.0-1062.rt56.1022.el7
kernel-rt-debug-kvm-0:3.10.0-1062.rt56.1022.el7
kernel-rt-debug-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7
kernel-rt-debuginfo-0:3.10.0-1062.rt56.1022.el7
kernel-rt-debuginfo-common-x86_64-0:3.10.0-1062.rt56.1022.el7
kernel-rt-devel-0:3.10.0-1062.rt56.1022.el7
kernel-rt-doc-0:3.10.0-1062.rt56.1022.el7
kernel-rt-kvm-0:3.10.0-1062.rt56.1022.el7
kernel-rt-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7
kernel-rt-trace-0:3.10.0-1062.rt56.1022.el7
kernel-rt-trace-debuginfo-0:3.10.0-1062.rt56.1022.el7
kernel-rt-trace-devel-0:3.10.0-1062.rt56.1022.el7
kernel-rt-trace-kvm-0:3.10.0-1062.rt56.1022.el7
kernel-rt-trace-kvm-debuginfo-0:3.10.0-1062.rt56.1022.el7

refmap via4

confirm	https://source.android.com/security/bulletin/pixel/2018-09-01
debian	DSA-4308
mlist	[debian-lts-announce] 20181003 [SECURITY] [DLA 1531-1] linux-4.9 security update
ubuntu	USN-3871-1 USN-3871-3 USN-3871-4 USN-3871-5

Last major update

06-08-2019 - 17:15

Published

06-11-2018 - 17:29

Last modified

06-08-2019 - 17:15