In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, When allocating heap using user supplied size, Possible heap overflow vulnerability due to integer overflow in roundup to native pointer.
References
Link | Resource |
---|---|
https://www.codeaurora.org/security-bulletin/2018/12/03/december-2018-code-aurora-security-bulletin | Patch Third Party Advisory |
Configurations
Information
Published : 2018-12-20 07:29
Updated : 2019-10-02 17:03
NVD link : CVE-2018-11985
Mitre link : CVE-2018-11985
JSON object : View
CWE
CWE-190
Integer Overflow or Wraparound
Products Affected
- android