CVE-2019-9456
Description
In the Android kernel in Pixel C USB monitor driver there is a possible OOB write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Risk Information
Base Score
6.7
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.036
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| SUSE-SU-2019:14218-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-default-extra-3.0.101-108.108.1.i586.rpm | Linux |
| SUSE-SU-2019:14218-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-default-extra-3.0.101-108.108.1.x86_64.rpm | Linux |
| SUSE-SU-2019:14218-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-pae-extra-3.0.101-108.108.1.i586.rpm | Linux |
| SUSE-SU-2019:14218-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-trace-extra-3.0.101-108.108.1.x86_64.rpm | Linux |
| SUSE-SU-2019:14218-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-xen-extra-3.0.101-108.108.1.i586.rpm | Linux |
| SUSE-SU-2019:14218-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-xen-extra-3.0.101-108.108.1.x86_64.rpm | Linux |
| SUSE-SU-2020:0093-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-4.12.14-16.7.1.x86_64.rpm | Linux |
| SUSE-SU-2020:0093-1(SUSE Linux Enterprise Server 12-SP5 ) kernel-azure-base-4.12.14-16.7.1.x86_64.rpm | Linux |
| Kernel-uek update (ELSA-2021-9442) kernel-uek-4.1.12-124.54.6.el7uek.x86_64.rpm | Linux |
| Kernel-uek-debug update (ELSA-2021-9442) kernel-uek-debug-4.1.12-124.54.6.el7uek.x86_64.rpm | Linux |
| Kernel-uek-debug-devel update (ELSA-2021-9442) kernel-uek-debug-devel-4.1.12-124.54.6.el7uek.x86_64.rpm | Linux |
| Kernel-uek-devel update (ELSA-2021-9442) kernel-uek-devel-4.1.12-124.54.6.el7uek.x86_64.rpm | Linux |
| Kernel-uek-doc update (ELSA-2021-9442) kernel-uek-doc-4.1.12-124.54.6.el7uek.noarch.rpm | Linux |
| Kernel-uek-firmware update (ELSA-2021-9442) kernel-uek-firmware-4.1.12-124.54.6.el7uek.noarch.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234