Information Disclosure Vulnerability in Linux Kernel 4.14.90's print_binder_transaction_ilocked Function

Information Disclosure Vulnerability in Linux Kernel 4.14.90's print_binder_transaction_ilocked Function

CVE-2018-20510 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

The print_binder_transaction_ilocked function in drivers/android/binder.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "*from *code *flags" lines in a debugfs file.

Learn more about our Cis Benchmark Audit For Bind.