QwikSec

Security Database

CVE

CWE

Training

CVE-2018-11265

Published: Sep 18, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, possible buffer overflow while incrementing the log_buf of type uint64_t in memcpy function, since the log_buf pointer can access the memory beyond the size to store the data after pointer increment.

Vendor	Product	Versions
Qualcomm, Inc.	Android for MSM, Firefox OS for MSM, QRD Android	affected `All Android releases from CAF using the Linux kernel`

References

https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin

x_refsource_CONFIRM

https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=b211b051d7ca226d96b70defe10ac318f768b5b2

x_refsource_CONFIRM

https://source.android.com/security/bulletin/pixel/2018-09-01#qualcomm-components

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.