In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, there is a possible buffer overflow in debugfs module due to lack of check in size of input before copying into buffer.
References
Link | Resource |
---|---|
https://www.codeaurora.org/security-bulletin/2018/08/06/august-2018-code-aurora-security-bulletin | Patch Third Party Advisory |
https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=ac40b7c7591476a8863b477ddc1c14c631f77256 | Patch Third Party Advisory |
Configurations
Information
Published : 2018-11-27 08:29
Updated : 2018-12-21 10:06
NVD link : CVE-2018-5906
Mitre link : CVE-2018-5906
JSON object : View
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
Products Affected
- android