ID CVE-2018-5844
Summary In the video driver function set_output_buffers(), binfo can be accessed after being freed in a failure scenario in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
References
Vulnerable Configurations
  • cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
    cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
CVSS
Base: 4.6 (as of 03-08-2018 - 18:38)
Impact:
Exploitability:
CWE CWE-416
CAPEC
Access
VectorComplexityAuthentication
LOCAL LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:L/AC:L/Au:N/C:P/I:P/A:P
refmap via4
misc https://www.codeaurora.org/security-bulletin/2018/05/11/may-2018-code-aurora-security-bulletin-2
Last major update 03-08-2018 - 18:38
Published 12-06-2018 - 20:29
Last modified 03-08-2018 - 18:38
Back to Top