CVE-2018-9363

HIGH

Description

In the hidp_process_report in bluetooth, there is an integer overflow. This could lead to an out of bounds write with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-65853588 References: Upstream kernel.

References

https://access.redhat.com/errata/RHSA-2018:2948

https://access.redhat.com/errata/RHSA-2019:2029

https://access.redhat.com/errata/RHSA-2019:2043

https://lists.debian.org/debian-lts-announce/2018/10/msg00003.html

https://source.android.com/security/bulletin/2018-06-01

https://usn.ubuntu.com/3797-1/

https://usn.ubuntu.com/3797-2/

https://usn.ubuntu.com/3820-1/

https://usn.ubuntu.com/3820-2/

https://usn.ubuntu.com/3820-3/

https://usn.ubuntu.com/3822-1/

https://usn.ubuntu.com/3822-2/

https://www.debian.org/security/2018/dsa-4308

Details

Source: MITRE

Published: 2018-11-06

Updated: 2019-08-06

Type: CWE-190

Risk Information

CVSS v2.0

Base Score: 7.2

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 3.9

Severity: HIGH

CVSS v3.0

Base Score: 8.4

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 2.5

Severity: HIGH

Vulnerable Software

ID	Name	Product	Family	Severity
129066	Amazon Linux 2 : kernel (ALAS-2019-1281)	Nessus	Amazon Linux Local Security Checks	high
129065	Amazon Linux 2 : kernel (ALAS-2019-1280)	Nessus	Amazon Linux Local Security Checks	high
129007	Amazon Linux AMI : kernel (ALAS-2019-1280)	Nessus	Amazon Linux Local Security Checks	high
128651	CentOS 7 : kernel (CESA-2019:2029)	Nessus	CentOS Local Security Checks	high
128226	Scientific Linux Security Update : kernel on SL7.x x86_64	Nessus	Scientific Linux Local Security Checks	high
127655	RHEL 7 : kernel-rt (RHSA-2019:2043)	Nessus	Red Hat Local Security Checks	high
127650	RHEL 7 : kernel (RHSA-2019:2029)	Nessus	Red Hat Local Security Checks	high
123329	openSUSE Security Update : the Linux Kernel (openSUSE-2019-769)	Nessus	SuSE Local Security Checks	high
121605	OracleVM 3.4 : Unbreakable / etc (OVMSA-2019-0002)	Nessus	OracleVM Local Security Checks	high
120976	Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2019-4315)	Nessus	Oracle Linux Local Security Checks	high
120088	SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2018:2539-1)	Nessus	SuSE Local Security Checks	high
118973	Ubuntu 14.04 LTS : linux vulnerabilities (USN-3822-1)	Nessus	Ubuntu Local Security Checks	high
118970	Ubuntu 14.04 LTS : linux-azure vulnerabilities (USN-3820-3)	Nessus	Ubuntu Local Security Checks	high
118969	Ubuntu 16.04 LTS : linux-hwe, linux-azure, linux-gcp vulnerabilities (USN-3820-2)	Nessus	Ubuntu Local Security Checks	high
118968	Ubuntu 18.04 LTS : linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-oem, linux-raspi2 vulnerabilities (USN-3820-1)	Nessus	Ubuntu Local Security Checks	high
118513	RHEL 7 : kernel-alt (RHSA-2018:2948) (Spectre)	Nessus	Red Hat Local Security Checks	high
118328	Ubuntu 14.04 LTS : linux-lts-xenial, linux-aws vulnerabilities (USN-3797-2)	Nessus	Ubuntu Local Security Checks	high
118327	Ubuntu 16.04 LTS : linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities (USN-3797-1)	Nessus	Ubuntu Local Security Checks	high
118034	SUSE SLES12 Security Update : kernel (SUSE-SU-2018:3084-1)	Nessus	SuSE Local Security Checks	high
117988	openSUSE Security Update : the Linux Kernel (openSUSE-2018-1140)	Nessus	SuSE Local Security Checks	high
117908	Debian DLA-1531-1 : linux-4.9 security update	Nessus	Debian Local Security Checks	high
117862	Debian DSA-4308-1 : linux - security update	Nessus	Debian Local Security Checks	high
117800	SUSE SLES12 Security Update : kernel (SUSE-SU-2018:2858-1)	Nessus	SuSE Local Security Checks	high
117629	SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2018:2776-1)	Nessus	SuSE Local Security Checks	high
117523	openSUSE Security Update : the Linux Kernel (openSUSE-2018-1016)	Nessus	SuSE Local Security Checks	high