CVE-2018-11852

HIGH

Android - Out-of-bounds Write in WMA API

Title source: llm
STIX 2.1

Description

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper check In the WMA API for the inputs received from the firmware and then fills the same to the host structure will lead to OOB write.

Scores

CVSS v3 7.8
EPSS 0.0018
EPSS Percentile 7.4%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-787
Status published
Products (1)
google/android
Published Sep 18, 2018
Tracked Since Feb 18, 2026