Описание
In Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel while trying to find out total number of partition via a non zero check, there could be possibility where the 'TotalPart' could cross 'GptHeader->MaxPtCnt' and which could result in OOB write in patching GPT.
Ссылки
- Third Party AdvisoryVDB Entry
- PatchThird Party Advisory
- PatchThird Party Advisory
- Third Party AdvisoryVDB Entry
- PatchThird Party Advisory
- PatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
EPSS
Процентиль: 9%
0.00032
Низкий
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-682
Связанные уязвимости
CVSS3: 7.8
github
больше 3 лет назад
In Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel while trying to find out total number of partition via a non zero check, there could be possibility where the 'TotalPart' could cross 'GptHeader->MaxPtCnt' and which could result in OOB write in patching GPT.
EPSS
Процентиль: 9%
0.00032
Низкий
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-682