Описание
In Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, the function UpdateDeviceStatus() writes a local stack buffer without initialization to flash memory using WriteToPartition() which may potentially leak memory.
Ссылки
- PatchVendor Advisory
- PatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
EPSS
Процентиль: 12%
0.00041
Низкий
5.5 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-772
Связанные уязвимости
CVSS3: 5.5
github
больше 3 лет назад
In Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, the function UpdateDeviceStatus() writes a local stack buffer without initialization to flash memory using WriteToPartition() which may potentially leak memory.
EPSS
Процентиль: 12%
0.00041
Низкий
5.5 Medium
CVSS3
2.1 Low
CVSS2
Дефекты
CWE-772