PT-2018-10899 · Mozilla+3 · Firefox Os+3
Publicado
2018-12-07
·
Atualizado
2019-01-02
·
CVE-2018-11905
CVSS v2.0
10
Alta
| Vetor | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Android for MSM (affected versions not specified)
Firefox OS for MSM (affected versions not specified)
QRD Android (affected versions not specified)
Description
The issue is related to a possible buffer overflow in the WLAN function due to a lack of input validation in values received from firmware. This could potentially affect all Android releases from CAF using the Linux kernel.
Recommendations
For Android for MSM, update to a version that includes input validation for values received from firmware.
For Firefox OS for MSM, update to a version that includes input validation for values received from firmware.
For QRD Android, update to a version that includes input validation for values received from firmware.
As a temporary workaround, consider restricting access to the WLAN function until a patch is available.
Correção
Buffer Overflow
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Android
Firefox Os
Linux Kernel
Qrd Android