exploitDog

CVE-2018-12010

Опубликовано: 11 фев. 2019

Источник: nvd

CVSS3: 7.8

CVSS2: 4.6

EPSS Низкий

Описание

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Absence of length sanity check may lead to possible stack overflow resulting in memory corruption in trustzone region.

Ссылки

https://www.codeaurora.org/security-bulletin/2019/01/07/january-2019-code-aurora-security-bulletin
Patch
Third Party Advisory
https://www.codeaurora.org/security-bulletin/2019/01/07/january-2019-code-aurora-security-bulletin
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:google:android:-:*:*:*:*:*:*:*

EPSS

Процентиль: 4%

0.00019

Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-787

Связанные уязвимости

GHSA-wm46-fj3j-35j9

CVSS3: 7.8

github

больше 3 лет назад

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Absence of length sanity check may lead to possible stack overflow resulting in memory corruption in trustzone region.

EPSS

Процентиль: 4%

0.00019

Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-787