An elevation of privilege vulnerability in the Direct rendering infrastructure of the NVIDIA Tegra X1 where an unchecked input from userspace is passed as a pointer to kfree. This could lead to kernel memory corruption and possible code execution. This issue is rated as moderate. Product: Pixel. Version: N/A. Android ID: A-38415808. References: N-CVE-2017-0866.
References
Link | Resource |
---|---|
https://source.android.com/security/bulletin/pixel/2017-11-01#announcements | Issue Tracking Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2017-11-16 14:29
Updated : 2019-10-02 17:03
NVD link : CVE-2017-0866
Mitre link : CVE-2017-0866
JSON object : View
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Products Affected
nvidia
- tegra_x1
- tegra_x1_firmware