CVE-2018-9516
Publication date 6 November 2018
Last updated 24 July 2024
Ubuntu priority
In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-71361580.
From the Ubuntu Security Team
It was discovered that the debug interface for the Linux kernel's HID subsystem did not properly perform bounds checking in some situations. An attacker with access to debugfs could use this to cause a denial of service or possibly gain additional privileges.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| linux | ||
| 18.04 LTS bionic |
Fixed 4.15.0-44.47
|
|
| 16.04 LTS xenial |
Fixed 4.4.0-134.160
|
|
| 14.04 LTS trusty | Ignored | |
| linux-aws | ||
| 18.04 LTS bionic |
Fixed 4.15.0-1032.34
|
|
| 16.04 LTS xenial |
Fixed 4.4.0-1066.76
|
|
| 14.04 LTS trusty |
Fixed 4.4.0-1028.31
|
|
| linux-aws-hwe | ||
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial |
Fixed 4.15.0-1032.34~16.04.1
|
|
| 14.04 LTS trusty | Not in release | |
| linux-azure | ||
| 18.04 LTS bionic |
Fixed 4.15.0-1037.39
|
|
| 16.04 LTS xenial |
Fixed 4.15.0-1037.39~16.04.1
|
|
| 14.04 LTS trusty |
Fixed 4.15.0-1037.39~14.04.2
|
|
| linux-azure-edge | ||
| 18.04 LTS bionic |
Fixed 4.15.0-1037.39
|
|
| 16.04 LTS xenial |
Fixed 4.15.0-1037.39~16.04.1
|
|
| 14.04 LTS trusty | Not in release | |
| linux-euclid | ||
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Ignored | |
| 14.04 LTS trusty | Not in release | |
| linux-flo | ||
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Ignored | |
| 14.04 LTS trusty | Not in release | |
| linux-gcp | ||
| 18.04 LTS bionic |
Fixed 4.15.0-1027.28
|
|
| 16.04 LTS xenial |
Fixed 4.15.0-1027.28~16.04.1
|
|
| 14.04 LTS trusty | Not in release | |
| linux-gcp-edge | ||
| 18.04 LTS bionic |
Not affected
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-gke | ||
| 18.04 LTS bionic |
Not affected
|
|
| 16.04 LTS xenial | Ignored | |
| 14.04 LTS trusty | Not in release | |
| linux-goldfish | ||
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Ignored | |
| 14.04 LTS trusty | Not in release | |
| linux-grouper | ||
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-hwe | ||
| 18.04 LTS bionic |
Not affected
|
|
| 16.04 LTS xenial |
Fixed 4.15.0-45.48~16.04.1
|
|
| 14.04 LTS trusty | Not in release | |
| linux-hwe-edge | ||
| 18.04 LTS bionic |
Not affected
|
|
| 16.04 LTS xenial |
Fixed 4.15.0-45.48~16.04.1
|
|
| 14.04 LTS trusty | Not in release | |
| linux-kvm | ||
| 18.04 LTS bionic |
Fixed 4.15.0-1029.29
|
|
| 16.04 LTS xenial |
Fixed 4.4.0-1032.38
|
|
| 14.04 LTS trusty | Not in release | |
| linux-lts-trusty | ||
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-lts-utopic | ||
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Ignored | |
| linux-lts-vivid | ||
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Ignored | |
| linux-lts-wily | ||
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Ignored | |
| linux-lts-xenial | ||
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty |
Fixed 4.4.0-134.160~14.04.1
|
|
| linux-maguro | ||
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-mako | ||
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Ignored | |
| 14.04 LTS trusty | Not in release | |
| linux-manta | ||
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-oem | ||
| 18.04 LTS bionic |
Fixed 4.15.0-1033.38
|
|
| 16.04 LTS xenial | Ignored | |
| 14.04 LTS trusty | Not in release | |
| linux-oracle | ||
| 18.04 LTS bionic |
Fixed 4.15.0-1008.10
|
|
| 16.04 LTS xenial |
Fixed 4.15.0-1008.10~16.04.1
|
|
| 14.04 LTS trusty | Not in release | |
| linux-raspi2 | ||
| 18.04 LTS bionic |
Fixed 4.15.0-1031.33
|
|
| 16.04 LTS xenial |
Fixed 4.4.0-1095.103
|
|
| 14.04 LTS trusty | Not in release | |
| linux-snapdragon | ||
| 18.04 LTS bionic |
Fixed 4.15.0-1053.57
|
|
| 16.04 LTS xenial |
Fixed 4.4.0-1099.104
|
|
| 14.04 LTS trusty | Not in release |
Notes
tyhicks
HID debug events are exposed via debugfs which is only accessible by the root user in Ubuntu
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score |
7.8 · High
|
| Attack vector | Local |
| Attack complexity | Low |
| Privileges required | Low |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity impact | High |
| Availability impact | High |
| Vector | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
References
Related Ubuntu Security Notices (USN)
- USN-3871-4
- Linux kernel (HWE) vulnerabilities
- 4 February 2019
- USN-3871-1
- Linux kernel vulnerabilities
- 29 January 2019
- USN-3871-5
- Linux kernel (Azure) vulnerabilities
- 7 February 2019
- USN-3871-3
- Linux kernel (AWS, GCP, KVM, OEM, Raspberry Pi 2) vulnerabilities
- 4 February 2019