PT-2018-10434 · Mozilla+3 · Firefox Os+3

Publicado

2018-09-04

Atualizado

2019-03-04

CVE-2018-11262

CVSS v2.0

7.2

Alta

Vetor

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Android for MSM versions prior to the fixed version Firefox OS for MSM versions prior to the fixed version QRD Android versions prior to the fixed version

Description The issue arises when trying to determine the total number of partitions via a non-zero check in Android for MSM, Firefox OS for MSM, and QRD Android, using the Linux kernel. There is a possibility that 'TotalPart' could exceed 'GptHeader->MaxPtCnt', resulting in an out-of-bounds (OOB) write when patching the GUID Partition Table (GPT).

Recommendations For Android for MSM, update to a version that includes the fix for this issue. For Firefox OS for MSM, update to a version that includes the fix for this issue. For QRD Android, update to a version that includes the fix for this issue.

Correção

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-682CWE-787

Identificadores relacionados

CVE-2018-11262

Produtos afetados

Android

Firefox Os

Linux Kernel

Qrd Android

PT-2018-10434 · Mozilla+3 · Firefox Os+3

CVE-2018-11262

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4