PT-2018-17435 · Google+1 · Android+1

Published

2018-05-10

Updated

2018-06-14

CVE-2018-6246

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Android versions prior to the 2018-05-05 security patch level

Description The issue concerns a buffer overflow in the NVIDIA Widevine Trustlet, specifically in the Widevine TA, where the software reads data past the end or before the beginning of the intended buffer. This may lead to information disclosure. The issue is rated as moderate.

Recommendations For Android versions prior to the 2018-05-05 security patch level, update to a version that includes the 2018-05-05 security patch level or later to resolve the issue.

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

CVE-2018-6246

Affected Products

Android

Nvidia Widevine Trustlet

PT-2018-17435 · Google+1 · Android+1

CVE-2018-6246

Weakness Enumeration

Related Identifiers

Affected Products

References · 3