CVE-2018-11020

kernel/omap/drivers/rpmsg/rpmsg_omx.c in the kernel component in Amazon Kindle Fire HD(3rd) Fire OS 4.5.5.3 allows attackers to inject a crafted argument via the argument of an ioctl on device file /dev/rpmsg-omx1 with the command 3221772291, and cause a kernel crash.

Published : 2018-10-16 22:29 Updated : 2019-01-17 20:42

4.9
CVSS Score More info
Score 4.9 / 10
4.9
Vendor Product Version URI
Amazon Fire Os 4.5.5.3 cpe:/o:amazon:fire_os:4.5.5.3
  1. Amazon (1) Search CVE
    1. Fire Os (1) Search CVE
      1. 4.5.5.3

CWE

ID Name Description Links
CWE-88 Argument Injection or Modification The software does not sufficiently delimit the arguments being passed to a component in another control sphere, allowing alternate arguments to be provided, leading to potentially security-relevant changes. CVE

History of changes

Date Event
2019-01-17 20:42
2018-10-16 22:29

New CVE