CVE-2018-3581

Summary

In the WLAN driver in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel, a buffer overwrite can occur if the vdev_id received from firmware is larger than max_bssid.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.Android for MSM, Firefox OS for MSM, QRD AndroidAll Android releases from CAF using the Linux kernelaffected

Weaknesses

  • Improper Restriction of Operations within the Bounds of a Memory Buffer in WLAN

ADP Enrichment

CVE Program Container

Additional References

References