PT-2018-10433 · Mozilla+2 · Firefox Os+2
Published
2018-11-27
·
Updated
2018-12-21
·
CVE-2018-11261
CVSS v2.0
7.2
High
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Android for MSM (affected versions not specified)
Firefox OS for MSM (affected versions not specified)
QRD Android (affected versions not specified)
Description
The issue is related to a possible Use-after-free problem in the Media Codec process. This could affect any application that utilizes the codec service.
Recommendations
For Android for MSM, update to a version that includes a fix for the Media Codec process issue.
For Firefox OS for MSM, update to a version that includes a fix for the Media Codec process issue.
For QRD Android, update to a version that includes a fix for the Media Codec process issue.
As a temporary workaround, consider restricting the use of applications that utilize the codec service until a patch is available.
Fix
Use After Free
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Android
Firefox Os
Qrd Android