PT-2018-17204 · Mozilla+2 · Firefox Os+2

Published

2018-07-06

Updated

2018-08-27

CVE-2018-5872

CVSS v2.0

8.3

High

Vector

AV:A/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Android versions prior to security patch level 2018-07-05

Description: The issue arises when parsing over-the-air information elements in Android releases that utilize the Linux kernel, specifically those from CAF, including Android for MSM, Firefox OS for MSM, and QRD Android. The problem occurs due to the use of an out-of-range pointer offset.

Recommendations: For Android versions prior to the security patch level 2018-07-05, apply the security patch to resolve the issue.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2018-5872

Affected Products

Android

Firefox Os

Linux Kernel

PT-2018-17204 · Mozilla+2 · Firefox Os+2

CVE-2018-5872

Weakness Enumeration

Related Identifiers

Affected Products

References · 4