Information Disclosure Vulnerability in Linux Kernel 4.14.90 via print_binder_ref_olocked Function

Information Disclosure Vulnerability in Linux Kernel 4.14.90 via print_binder_ref_olocked Function

CVE-2018-20509 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

The print_binder_ref_olocked function in drivers/android/binder.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading " ref *desc *node" lines in a debugfs file.

Learn more about our Cis Benchmark Audit For Bind.