CVE-2018-5858

Опубликовано: 06 июл. 2018

Источник: nvd

CVSS3: 7.8

CVSS2: 4.6

EPSS Низкий

Описание

In the audio debugfs in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, out of bounds access can occur.

Ссылки

https://source.android.com/security/bulletin/pixel/2018-07-01
Vendor Advisory
https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=cd1f0cdd4715e8eae4066bd34df2eef4cf94bd7f
Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/opensource/audio-kernel/commit/?id=78193fa06b267c1d6582e5e6f9fb779cf067015e
Third Party Advisory
https://www.codeaurora.org/security-bulletin/2018/07/02/july-2018-code-aurora-security-bulletin
Third Party Advisory
https://source.android.com/security/bulletin/pixel/2018-07-01
Vendor Advisory
https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=cd1f0cdd4715e8eae4066bd34df2eef4cf94bd7f
Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/opensource/audio-kernel/commit/?id=78193fa06b267c1d6582e5e6f9fb779cf067015e
Third Party Advisory
https://www.codeaurora.org/security-bulletin/2018/07/02/july-2018-code-aurora-security-bulletin
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:google:android:-:*:*:*:*:*:*:*

EPSS

Процентиль: 20%

0.00065

Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-p83j-gmwm-gq53