In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a race condition while accessing num of clients in DIAG services can lead to out of boundary access.
References
Link | Resource |
---|---|
https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin | Patch Third Party Advisory |
https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=6eb2f4f6fde1b210712d6ac66b40b9e7684d77db | Patch Third Party Advisory |
https://source.android.com/security/bulletin/pixel/2018-08-01#qualcomm-components | Patch Vendor Advisory |
http://support.blackberry.com/kb/articleDetail?articleNumber=000051163 | Third Party Advisory |
Configurations
Information
Published : 2018-09-19 07:29
Updated : 2018-11-08 11:49
NVD link : CVE-2018-5905
Mitre link : CVE-2018-5905
JSON object : View
CWE
Products Affected
- android