CVE-2018-11985

Summary

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, When allocating heap using user supplied size, Possible heap overflow vulnerability due to integer overflow in roundup to native pointer.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.Android for MSM, Firefox OS for MSM, QRD AndroidAll Android releases from CAF using the Linux kernelaffected

Weaknesses

  • Configuration Issue in Boot

ADP Enrichment

CVE Program Container

Additional References

References