Unchecked Input in NVIDIA Tegra X1 Direct Rendering Infrastructure Leads to Kernel Memory Corruption and Possible Code Execution

Unchecked Input in NVIDIA Tegra X1 Direct Rendering Infrastructure Leads to Kernel Memory Corruption and Possible Code Execution

CVE-2017-0866 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

An elevation of privilege vulnerability in the Direct rendering infrastructure of the NVIDIA Tegra X1 where an unchecked input from userspace is passed as a pointer to kfree. This could lead to kernel memory corruption and possible code execution. This issue is rated as moderate. Product: Pixel. Version: N/A. Android ID: A-38415808. References: N-CVE-2017-0866.

Learn more about our Cis Benchmark Audit For Google Android.