PT-2018-10899 · Mozilla+3 · Firefox Os+3
Published
2018-12-07
·
Updated
2019-01-02
·
CVE-2018-11905
CVSS v2.0
10
High
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Android for MSM (affected versions not specified)
Firefox OS for MSM (affected versions not specified)
QRD Android (affected versions not specified)
Description
The issue is related to a possible buffer overflow in the WLAN function due to a lack of input validation in values received from firmware. This could potentially affect all Android releases from CAF using the Linux kernel.
Recommendations
For Android for MSM, update to a version that includes input validation for values received from firmware.
For Firefox OS for MSM, update to a version that includes input validation for values received from firmware.
For QRD Android, update to a version that includes input validation for values received from firmware.
As a temporary workaround, consider restricting access to the WLAN function until a patch is available.
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Android
Firefox Os
Linux Kernel
Qrd Android