Vulnerabilities > Blktrace Project > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-05-03 CVE-2018-10689 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Blktrace Project Blktrace 1.2.0
blktrace (aka Block IO Tracing) 1.2.0, as used with the Linux kernel and Android, has a buffer overflow in the dev_map_read function in btt/devmap.c because the device and devno arrays are too small, as demonstrated by an invalid free when using the btt program with a crafted file.
local
low complexity
blktrace-project CWE-119
5.5