NULL Pointer Dereference Vulnerability in Xiaomi MIX 2 Devices with 4.4.78 Kernel

CVE-2019-8413 · MEDIUM Severity

AV:L/AC:L/AU:N/C:N/I:N/A:C

On Xiaomi MIX 2 devices with the 4.4.78 kernel, a NULL pointer dereference in the ioctl interface of the device file /dev/elliptic1 or /dev/elliptic0 causes a system crash via IOCTL 0x4008c575 (aka decimal 1074316661).

Learn more about our Web Application Penetration Testing UK.