CVE-2018-11895
N/A
N/A
Summary
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper length check Validation in WLAN function can lead to driver writes the default rsn capabilities to the memory not allocated to the frame.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Qualcomm, Inc. | Android for MSM, Firefox OS for MSM, QRD Android | All Android releases from CAF using the Linux kernel | affected |
Weaknesses
- Potential Buffer Overflow in WLAN
ADP Enrichment
CVE Program Container
Additional References
- https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin
- https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=3dfe93028c0c6564db7aa4607a85413195925aa4
- http://www.securityfocus.com/bid/107770
References
- https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin
- https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=3dfe93028c0c6564db7aa4607a85413195925aa4
- http://www.securityfocus.com/bid/107770
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.