CVE-2018-11275

Name of the Vulnerable Software and Affected Versions Android for MSM (affected versions not specified) Firefox OS for MSM (affected versions not specified) QRD Android (affected versions not specified)

Description A potential information leak issue occurs in Android releases when using FastbootLib to flash an image, specifically if the image size is not divisible by the block size.

Recommendations For Android for MSM, update the flashing process to ensure image sizes are properly aligned with block sizes to prevent information leaks. For Firefox OS for MSM, modify the FastbootLib usage to handle image sizes that are not divisible by the block size, mitigating the information leak risk. For QRD Android, adjust the image flashing protocol to account for block size divisibility, thereby preventing potential information leaks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.