ID CVE-2018-5850
Summary In the function csr_update_fils_params_rso(), insufficient validation on a key length can result in an integer underflow leading to a buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
References
Vulnerable Configurations
  • Google Android Operating System
    cpe:2.3:o:google:android
CVSS
Base: 9.3
Impact:
Exploitability:
CWE CWE-191
CAPEC
refmap via4
misc https://www.codeaurora.org/security-bulletin/2018/05/11/may-2018-code-aurora-security-bulletin-2
Last major update 06-06-2018 - 17:29
Published 06-06-2018 - 17:29
Last modified 17-07-2018 - 12:49
Back to Top