The hidma_chan_stats function in drivers/dma/qcom/hidma_dbg.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "callback=" lines in a debugfs file.
References
Link | Resource |
---|---|
https://www.mail-archive.com/debian-security-tracker@lists.debian.org/msg03808.html | Mailing List Third Party Advisory |
https://elixir.bootlin.com/linux/v4.14.90/source/drivers/dma/qcom/hidma_dbg.c#L92 | Patch Third Party Advisory |
https://security.netapp.com/advisory/ntap-20190502-0002/ | Third Party Advisory |
Information
Published : 2019-04-04 09:29
Updated : 2019-05-02 11:53
NVD link : CVE-2018-20449
Mitre link : CVE-2018-20449
JSON object : View
CWE
CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
Products Affected
netapp
- element_software_management_node
linux
- linux_kernel