Описание
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, when requesting rssi timeout, access invalid memory may occur since local variable 'context' stack data of wlan function is free.
Ссылки
- Third Party AdvisoryVDB Entry
- PatchThird Party Advisory
- https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletinPatchThird Party Advisory
- Third Party AdvisoryVDB Entry
- PatchThird Party Advisory
- https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletinPatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
EPSS
Процентиль: 9%
0.00032
Низкий
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-119
Связанные уязвимости
CVSS3: 7.8
github
больше 3 лет назад
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, when requesting rssi timeout, access invalid memory may occur since local variable 'context' stack data of wlan function is free.
EPSS
Процентиль: 9%
0.00032
Низкий
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-119