CVE-2018-11300

HIGH

Android - Use-After-Free in WLAN Function via Callback Execution

Title source: llm
STIX 2.1

Description

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, callback executed from the other thread has freed memory which is also used in wlan function and may result in to a "Use after free" scenario.

Scores

CVSS v3 7.8
EPSS 0.0018
EPSS Percentile 7.9%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-416
Status published
Products (1)
google/android
Published Sep 18, 2018
Tracked Since Feb 18, 2026