Improper Mounting Vulnerability in CAF Android Releases: Potential Security Issue with /dsp/ Device Node Execution

Improper Mounting Vulnerability in CAF Android Releases: Potential Security Issue with /dsp/ Device Node Execution

CVE-2018-11956 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper mounting lead to device node and executable to be run from /dsp/ which presents a potential security issue.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.