Improper Access Control in CAF Android Releases: Potential Device Node and Executable Vulnerability

Improper Access Control in CAF Android Releases: Potential Device Node and Executable Vulnerability

CVE-2018-11908 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper access control can lead to device node and executable to be run from /data/ which presents a potential issue.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.