Race Condition Vulnerability in LUT Configuration Update in Android Releases

Race Condition Vulnerability in LUT Configuration Update in Android Releases

CVE-2018-11818 · MEDIUM Severity

AV:L/AC:M/AU:N/C:P/I:P/A:P

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, LUT configuration is passed down to driver from userspace via ioctl. Simultaneous update from userspace while kernel drivers are updating LUT registers can lead to race condition.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.