exploitDog

GHSA-g5m9-qp27-rc7w

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 5.5

Описание

In the WLAN driver in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel, event->num_entries_in_page is a value received from firmware that is not properly validated which can lead to a buffer over-read

In the WLAN driver in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel, event->num_entries_in_page is a value received from firmware that is not properly validated which can lead to a buffer over-read

Ссылки

EPSS

Процентиль: 12%

0.0004

Низкий

5.5 Medium

CVSS3

CVE ID

Дефекты

CWE-125

Связанные уязвимости

CVE-2018-3579

CVSS3: 5.5

nvd

больше 7 лет назад

In the WLAN driver in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel, event->num_entries_in_page is a value received from firmware that is not properly validated which can lead to a buffer over-read

EPSS

Процентиль: 12%

0.0004

Низкий

5.5 Medium

CVSS3

CVE ID

Дефекты

CWE-125