Vulnerability Details CVE-2019-9112
The msm gpu driver for custom Linux kernels on the Xiaomi perseus-p-oss MIX 3 device through 2018-11-26 has an integer overflow and OOPS because of missing checks of the count argument in _sde_debugfs_conn_cmd_tx_write in drivers/gpu/drm/msm/sde/sde_connector.c. This is exploitable for a device crash via a syscall by a crafted application on a rooted device.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 36.3%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 7.1
References
Products affected by CVE-2019-9112
-
cpe:2.3:o:micode:xiaomi_perseus-p-oss:2018-11-26