Описание
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of length validation check for value received from firmware can lead to buffer overflow in WMA handler.
Ссылки
- Third Party AdvisoryVDB Entry
- PatchThird Party Advisory
- https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletinPatchThird Party Advisory
- Third Party AdvisoryVDB Entry
- PatchThird Party Advisory
- https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletinPatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
EPSS
Процентиль: 9%
0.00034
Низкий
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-119
Связанные уязвимости
CVSS3: 7.8
github
больше 3 лет назад
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of length validation check for value received from firmware can lead to buffer overflow in WMA handler.
EPSS
Процентиль: 9%
0.00034
Низкий
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-119