CVE-2018-11868

HIGH

Android - Buffer Overflow in NAN Response Event Handler

Title source: llm
STIX 2.1

Description

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of length validation check for value received from firmware can lead to buffer overflow in nan response event handler.

References (3)

Core 3

Scores

CVSS v3 7.8
EPSS 0.0022
EPSS Percentile 12.2%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-119
Status published
Products (1)
google/android
Published Sep 18, 2018
Tracked Since Feb 18, 2026