Описание
Buffer overflow in dhd_bus_flow_ring_flush_response in drivers/net/wireless/bcmdhd4358/dhd_pcie.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 allow an attacker (who has obtained code execution on the Wi-Fi chip) to cause the device driver to perform invalid memory accesses. The Samsung ID is SVE-2018-11785.
Ссылки
- ExploitThird Party Advisory
- ExploitThird Party Advisory
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одновременно
cpe:2.3:o:samsung:galaxy_s6_firmware:g920fxxu5eqh7:*:*:*:*:*:*:*
cpe:2.3:h:samsung:galaxy_s6:-:*:*:*:*:*:*:*
EPSS
Процентиль: 36%
0.00154
Низкий
6.3 Medium
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-119
Связанные уязвимости
CVSS3: 6.3
github
больше 3 лет назад
Buffer overflow in dhd_bus_flow_ring_flush_response in drivers/net/wireless/bcmdhd4358/dhd_pcie.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 allow an attacker (who has obtained code execution on the Wi-Fi chip) to cause the device driver to perform invalid memory accesses. The Samsung ID is SVE-2018-11785.
EPSS
Процентиль: 36%
0.00154
Низкий
6.3 Medium
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-119