In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper access control can lead to device node and executable to be run from /systemrw/ which presents a potential security.
References
Link | Resource |
---|---|
https://www.codeaurora.org/security-bulletin/2018/11/05/november-2018-code-aurora-forum-security-bulletin | Patch Third Party Advisory |
https://source.codeaurora.org/quic/le/meta-qti-bsp/commit/?id=ecd2fb4ab9e2a6851add554af03cebe337345c44 | Patch Third Party Advisory |
https://source.codeaurora.org/quic/le/meta-qti-bsp/commit/?id=e1a95254dd0ec874f884160aaf0f5ce7947a06c8 | Patch Third Party Advisory |
Configurations
Information
Published : 2018-11-27 08:29
Updated : 2019-10-02 17:03
NVD link : CVE-2018-11914
Mitre link : CVE-2018-11914
JSON object : View
CWE
CWE-732
Incorrect Permission Assignment for Critical Resource
Products Affected
- android