Vulnerabilities > CVE-2019-8413 - NULL Pointer Dereference vulnerability in MI MIX 2 Firmware 4.4.78

047910
CVSS 4.9 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
COMPLETE
local
low complexity
mi
CWE-476

Summary

On Xiaomi MIX 2 devices with the 4.4.78 kernel, a NULL pointer dereference in the ioctl interface of the device file /dev/elliptic1 or /dev/elliptic0 causes a system crash via IOCTL 0x4008c575 (aka decimal 1074316661).

Vulnerable Configurations

Part Description Count
OS
Mi
1
Hardware
Mi
1

Common Weakness Enumeration (CWE)