PT-2018-4513 · Google · Android

Publicado

2018-04-18

Atualizado

2018-05-09

CVE-2015-9180

CVSS v2.0

Alta

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Android versions prior to 2018-04-05 security patch level

Description The issue arises from the lack of validation of the response pointer passed from user space to SDMX process. Specifically, if the provided response buffer length is less than 16 bytes, the response values will be written to a memory location outside the buffer, potentially affecting the secure memory area.

Recommendations For Android versions prior to 2018-04-05 security patch level, update to a version with a security patch level of 2018-04-05 or later to resolve the issue.

Correção

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-119

Identificadores relacionados

CVE-2015-9180

Produtos afetados

Android

PT-2018-4513 · Google · Android

CVE-2015-9180

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3