cvedb.io
CVE-2018-19939
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2018-12-07T09:29:00.353 · Last modified 2026-06-17T01:50:08.977

Summary

The Goodix GT9xx touchscreen driver for custom Linux kernels on Xiaomi daisy-o-oss and daisy-p-oss as used in Mi A2 Lite and RedMi6 pro devices through 2018-08-27 has a NULL pointer dereference in kfree after a kmalloc failure in gtp_read_Color in drivers/input/touchscreen/gt917d/gt9xx.c.

Affected products

mi — mi_a2_lite_firmware

Does this affect you?

Add your gear to cvedb and we'll alert you only when mi ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.