CVE-2018-9516

Public on 2018-11-06
Modified on 2019-09-19
Description
A flaw was found in the Linux kernel in the hid_debug_events_read() function in the drivers/hid/hid-debug.c file. A lack of the certain checks may allow a privileged user ("root") to achieve an out-of-bounds write and thus receiving user space buffer corruption.
Severity
Low severity
Low
See what this means
CVSS v3 Base Score
3.1
See breakdown

Affected Packages

Platform Package Release Date Advisory Status
Amazon Linux 1 kernel 2019-09-13 ALAS-2019-1278 Fixed
Amazon Linux 2 - Core kernel 2018-07-23 ALAS2-2018-1046 Fixed
Amazon Linux 2 - Core kernel 2019-09-13 ALAS2-2019-1278 Fixed

CVSS Scores

Score Type Score Vector
Amazon Linux CVSSv3 3.1 CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:L
NVD CVSSv2 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C
NVD CVSSv3 7.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H