CVE-2018-5821

Name of the Vulnerable Software and Affected Versions: Qualcomm Android for MSM versions prior to security patch level 2018-04-05 Firefox OS for MSM versions prior to security patch level 2018-04-05 QRD Android versions prior to security patch level 2018-04-05

Description: The issue arises in the wma wow wakeup host event() function, where the wake info->vdev id value received from firmware is used directly as an array index to access wma->interfaces. This can lead to an out-of-bounds read if wake info->vdev id is greater than or equal to max bssid, as the maximum valid index should be max bssid-1.

Recommendations: For Qualcomm Android for MSM versions prior to security patch level 2018-04-05, update to a version with a security patch level of 2018-04-05 or later. For Firefox OS for MSM versions prior to security patch level 2018-04-05, update to a version with a security patch level of 2018-04-05 or later. For QRD Android versions prior to security patch level 2018-04-05, update to a version with a security patch level of 2018-04-05 or later.