In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper access control can lead to device node and executable to be run from /cache/ which presents a potential issue.
References
Link | Resource |
---|---|
https://www.codeaurora.org/security-bulletin/2018/11/05/november-2018-code-aurora-forum-security-bulletin | Patch Third Party Advisory |
https://source.codeaurora.org/quic/le/meta-qti-bsp/commit/?id=ecd2fb4ab9e2a6851add554af03cebe337345c44 | Patch Third Party Advisory |
Configurations
Information
Published : 2018-11-27 08:29
Updated : 2019-10-02 17:03
NVD link : CVE-2018-11909
Mitre link : CVE-2018-11909
JSON object : View
CWE
CWE-732
Incorrect Permission Assignment for Critical Resource
Products Affected
- android