Описание
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, buffer Over-read in Display due to the lack of an upper-bound validation when reading "num_of_cea_blocks" from the untrusted source (EDID), kernel memory can be exposed.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
EPSS
Процентиль: 31%
0.00117
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-125
Связанные уязвимости
CVSS3: 7.5
github
больше 3 лет назад
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, buffer Over-read in Display due to the lack of an upper-bound validation when reading "num_of_cea_blocks" from the untrusted source (EDID), kernel memory can be exposed.
EPSS
Процентиль: 31%
0.00117
Низкий
7.5 High
CVSS3
5 Medium
CVSS2
Дефекты
CWE-125