exploitDog

CVE-2018-5896

Опубликовано: 06 июл. 2018

Источник: nvd

CVSS3: 7.1

CVSS2: 6.6

EPSS Низкий

Описание

In Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, kernel panic may happen due to out-of-bound read, caused by not checking source buffer length against length of packet stream to be copied.

Ссылки

https://source.android.com/security/bulletin/2018-06-01#qualcomm-components
Vendor Advisory
https://source.android.com/security/bulletin/2018-06-01#qualcomm-components
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:google:android:-:*:*:*:*:*:*:*

EPSS

Процентиль: 12%

0.00042

Низкий

7.1 High

CVSS3

6.6 Medium

CVSS2

Дефекты

CWE-125

Связанные уязвимости

GHSA-fcvx-wh5f-5589

CVSS3: 7.1

github

больше 3 лет назад

In Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, kernel panic may happen due to out-of-bound read, caused by not checking source buffer length against length of packet stream to be copied.

EPSS

Процентиль: 12%

0.00042

Низкий

7.1 High

CVSS3

6.6 Medium

CVSS2

Дефекты

CWE-125