CVE-2018-11878
HIGHAndroid - Memory Corruption in WLAN Driver Command Processing
Title source: llmDescription
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, possibility of invalid memory access while processing driver command in WLAN function.
References (3)
Core 3
Core References
Patch, Third Party Advisory x_refsource_confirm
https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin
Patch, Third Party Advisory x_refsource_confirm
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=443edf4a19b89593f472c39e820a6a9adee76341
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/107770
Scores
CVSS v3
7.8
EPSS
0.0021
EPSS Percentile
11.5%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-119
Status
published
Products (1)
google/android
Published
Sep 19, 2018
Tracked Since
Feb 18, 2026