CVE-2018-14745

HIGH

Samsung Galaxy S6 Firmware - Buffer Overflow in bcmdhd4358 Wi-Fi Driver

Title source: llm

Description

Buffer overflow in prot_get_ring_space in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to overwrite kernel memory due to improper validation of the ring buffer read pointer. The Samsung ID is SVE-2018-12029.

References (3)

Core 3

Core References

Exploit, Third Party Advisory x_refsource_misc

https://pastebin.com/tmFrECnZ

Vendor Advisory x_refsource_confirm

https://security.samsungmobile.com/securityUpdate.smsb

Exploit, Third Party Advisory x_refsource_misc

https://github.com/securesystemslab/periscope/blob/master/bugs-found/CVE-2018-14745.md

View Exploit ZIP pw:eip

Scores

CVSS v3 8.8

EPSS 0.0019

EPSS Percentile 40.4%

Attack Vector ADJACENT_NETWORK

CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-119

Status published

Products (1)

samsung/galaxy_s6_firmware g920fxxu5eqh7

Published Mar 21, 2019

Tracked Since Feb 18, 2026