CVE-2018-11276
N/A
N/A
Summary
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, double free of memory allocation is possible in Kernel when it explicitly tries to free that memory on driver probe failure, since memory allocated is automatically freed on probe.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Qualcomm, Inc. | Android for MSM, Firefox OS for MSM, QRD Android | All Android releases from CAF using the Linux kernel | affected |
Weaknesses
- Double Free Issue in Kernel
ADP Enrichment
CVE Program Container
Additional References
- https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin
- https://source.android.com/security/bulletin/pixel/2018-09-01#qualcomm-components
- https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=83a44ca6057bf9c1e36515cded28edc32a4a1501
References
- https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin
- https://source.android.com/security/bulletin/pixel/2018-09-01#qualcomm-components
- https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=83a44ca6057bf9c1e36515cded28edc32a4a1501
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.