CVE-2018-11275

MEDIUM

Android - Exposure of Sensitive Information via FastbootLib Image Flashing

Title source: llm
STIX 2.1

Description

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, when flashing image using FastbootLib if size is not divisible by block size, information leak occurs.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/106949

Scores

CVSS v3 5.5
EPSS 0.0019
EPSS Percentile 8.9%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-200
Status published
Products (1)
google/android
Published Sep 18, 2018
Tracked Since Feb 18, 2026