| |
Vulnerability CVE-2018-11987
Published: 2018-12-20
Description: |
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, if there is an unlikely memory alloc failure for the secure pool in boot, it can result in wrong pointer access causing kernel panic. |
Type:
CWE-415 (Double Free)
CVSS2 => (AV:L/AC:L/Au:N/C:P/I:P/A:P)
CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
4.6/10 |
6.4/10 |
3.9/10 |
Exploit range |
Attack complexity |
Authentication |
Local |
Low |
No required |
Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
Partial |
Partial |
References: |
https://www.codeaurora.org/security-bulletin/2018/12/03/december-2018-code-aurora-security-bulletin
|
|
|
Copyright 2024, cxsecurity.com
|
|
|