Описание
The Goodix GT9xx touchscreen driver for custom Linux kernels on Xiaomi daisy-o-oss and daisy-p-oss as used in Mi A2 Lite and RedMi6 pro devices through 2018-08-27 has a NULL pointer dereference in kfree after a kmalloc failure in gtp_read_Color in drivers/input/touchscreen/gt917d/gt9xx.c.
Ссылки
- Issue TrackingThird Party Advisory
- Issue TrackingThird Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 2018-08-27 (включая)
Одновременно
cpe:2.3:o:mi:mi_a2_lite_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mi:mi_a2_lite:-:*:*:*:*:*:*:*
Конфигурация 2Версия до 2018-08-27 (включая)
Одновременно
cpe:2.3:o:mi:redmi_6_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:mi:redmi_6:-:*:*:*:*:*:*:*
EPSS
Процентиль: 51%
0.00281
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-476
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
The Goodix GT9xx touchscreen driver for custom Linux kernels on Xiaomi daisy-o-oss and daisy-p-oss as used in Mi A2 Lite and RedMi6 pro devices through 2018-08-27 has a NULL pointer dereference in kfree after a kmalloc failure in gtp_read_Color in drivers/input/touchscreen/gt917d/gt9xx.c.
EPSS
Процентиль: 51%
0.00281
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-476