Arbitrary Information Leakage Vulnerability in sbusfb_ioctl_helper() Function

Arbitrary Information Leakage Vulnerability in sbusfb_ioctl_helper() Function

CVE-2018-6412 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

In the function sbusfb_ioctl_helper() in drivers/video/fbdev/sbuslib.c in the Linux kernel through 4.15, an integer signedness error allows arbitrary information leakage for the FBIOPUTCMAP_SPARC and FBIOGETCMAP_SPARC commands.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.