CVE-2018-11827

Опубликовано: 18 сент. 2018

Источник: nvd

CVSS3: 7.8

CVSS2: 7.2

EPSS Низкий

Описание

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper validation of array index in WMA roam synchronization handler can lead to OOB write.

Ссылки

http://www.securityfocus.com/bid/107770
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=4c74687be66c19be0b9bd83d78d033dff5d1a9ae
Patch
Third Party Advisory
https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin
Patch
Third Party Advisory
http://www.securityfocus.com/bid/107770
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=4c74687be66c19be0b9bd83d78d033dff5d1a9ae
Patch
Third Party Advisory
https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:google:android:-:*:*:*:*:*:*:*

EPSS

Процентиль: 6%

0.00025

Низкий

7.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-129

Связанные уязвимости

GHSA-2g22-654r-vjqg