Integer Overflow Vulnerability in LED Driver on Xiaomi Redmi 6pro

Integer Overflow Vulnerability in LED Driver on Xiaomi Redmi 6pro

CVE-2018-20788 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:N/A:P

drivers/leds/leds-aw2023.c in the led driver for custom Linux kernels on the Xiaomi Redmi 6pro daisy-o-oss phone has several integer overflows because of a left-shifting operation when the right-hand operand can be equal to or greater than the integer length. This can be exploited by a crafted application for denial of service.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.