» 2018 » 9월

CVE-2018-3573

Posted on 2018년 9월 19일2018년 9월 20일 by admin

CVE-2018-3573

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while relocating kernel images with a specially crafted boot image, an out of bounds access can occur.

Source: CVE-2018-3573

CVE-2018-5905

Posted on 2018년 9월 19일2018년 9월 20일 by admin

CVE-2018-5905

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a race condition while accessing num of clients in DIAG services can lead to out of boundary access.

Source: CVE-2018-5905

CVE-2018-8017

Posted on 2018년 9월 19일2018년 9월 20일 by admin

CVE-2018-8017

In Apache Tika 1.2 to 1.18, a carefully crafted file can trigger an infinite loop in the IptcAnpaParser.

Source: CVE-2018-8017

CVE-2018-11902

Posted on 2018년 9월 19일2018년 9월 20일 by admin

CVE-2018-11902

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of length validation check for value received from firmware can lead to OOB access in WLAN HOST.

Source: CVE-2018-11902

CVE-2018-11898

Posted on 2018년 9월 19일2018년 9월 20일 by admin

CVE-2018-11898

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing start bss request from upper layer, out of bounds read occurs if ssid length is greater than maximum.

Source: CVE-2018-11898

CVE-2018-11897

Posted on 2018년 9월 19일2018년 9월 20일 by admin

CVE-2018-11897

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing diag event after associating to a network out of bounds read occurs if ssid of the network joined is greater than max limit.

Source: CVE-2018-11897

CVE-2018-11894

Posted on 2018년 9월 19일2018년 9월 20일 by admin

CVE-2018-11894

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing preferred network offload scan results integer overflow may lead to buffer overflow when large frame length is received from FW.

Source: CVE-2018-11894

CVE-2018-11895

Posted on 2018년 9월 19일2018년 9월 20일 by admin

CVE-2018-11895

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper length check Validation in WLAN function can lead to driver writes the default rsn capabilities to the memory not allocated to the frame.

Source: CVE-2018-11895

CVE-2018-11893

Posted on 2018년 9월 19일2018년 9월 20일 by admin

CVE-2018-11893

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing vendor scan request, when input argument – length of request IEs is greater than maximum can lead to a buffer overflow.

Source: CVE-2018-11893

CVE-2018-11904

Posted on 2018년 9월 19일2018년 9월 20일 by admin

CVE-2018-11904

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, asynchronous callbacks received a pointer to a callers local variable. Should the caller return early (e.g., timeout), the callback will dereference an invalid pointer.

Source: CVE-2018-11904