CVE-2018-11842

HIGH

Android - Use-After-Free in WLAN Association Memory Handling

Title source: llm
STIX 2.1

Description

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, during wlan association, driver allocates memory. In case the mem allocation fails driver does a mem free though the memory was not allocated.

Scores

CVSS v3 7.8
EPSS 0.0020
EPSS Percentile 9.6%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-119
Status published
Products (1)
google/android
Published Sep 18, 2018
Tracked Since Feb 18, 2026