PT-2018-10469 · Qualcomm+2 · Qrd Android+2
Publicado
2018-07-06
·
Atualizado
2018-09-07
·
CVE-2018-11304
CVSS v3.1
7.8
Alta
| Vetor | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Android for MSM versions prior to the fixed version
Firefox OS for MSM versions prior to the fixed version
QRD Android versions prior to the fixed version
Description
The issue is related to a possible buffer overflow in the
msm adsp stream callback put function due to insufficient input validation of user-provided data, leading to an integer overflow. This affects all Android releases from CAF using the Linux kernel.Recommendations
For Android for MSM, update to a version that includes the fix for the integer overflow issue in
msm adsp stream callback put.
For Firefox OS for MSM, update to a version that includes the fix for the integer overflow issue in msm adsp stream callback put.
For QRD Android, update to a version that includes the fix for the integer overflow issue in msm adsp stream callback put.Correção
Integer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Android
Firefox Os
Qrd Android