CVE-2018-11293

Name of the Vulnerable Software and Affected Versions Android for MSM (affected versions not specified) Firefox OS for MSM (affected versions not specified) QRD Android (affected versions not specified)

Description The issue is related to the linux kernel in Android releases. Specifically, in the wma ndp confirm event handler and wma ndp indication event handler functions, the ndp cfg length and num ndp app info values are obtained from firmware. If these values are not properly checked, it may lead to a buffer over-read when the values are too large.

Recommendations For Android for MSM, ensure that the ndp cfg length and num ndp app info values from firmware are validated to prevent buffer over-read. For Firefox OS for MSM, validate the ndp cfg length and num ndp app info values from firmware to prevent buffer over-read. For QRD Android, validate the ndp cfg length and num ndp app info values from firmware to prevent buffer over-read.