CVE-2018-5904

HIGH

Android - Use-After-Free in LPM Status Driver

Title source: llm
STIX 2.1

Description

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while list traversal in LPM status driver for clean up, use after free vulnerability may occur.

Scores

CVSS v3 7.8
EPSS 0.0019
EPSS Percentile 8.5%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-416
Status published
Products (1)
google/android
Published Nov 27, 2018
Tracked Since Feb 18, 2026