CVE-2018-11905

CRITICAL

Android - Buffer Overflow in WLAN Function via Firmware Input

Title source: llm
STIX 2.1

Description

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Possible buffer overflow in WLAN function due to lack of input validation in values received from firmware.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/105872

Scores

CVSS v3 9.8
EPSS 0.0089
EPSS Percentile 54.8%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-119
Status published
Products (1)
google/android
Published Dec 07, 2018
Tracked Since Feb 18, 2026