Описание
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of length validation check for value received from caller function used as an array index for WMA interfaces can lead to OOB write in WLAN HOST.
Ссылки
- PatchThird Party Advisory
- https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletinPatchThird Party Advisory
- PatchThird Party Advisory
- https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletinPatchThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
EPSS
Процентиль: 2%
0.00015
Низкий
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-129
Связанные уязвимости
CVSS3: 7.8
github
больше 3 лет назад
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of length validation check for value received from caller function used as an array index for WMA interfaces can lead to OOB write in WLAN HOST.
EPSS
Процентиль: 2%
0.00015
Низкий
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-129