| |
Vulnerability CVE-2018-12014
Published: 2019-02-11
| Description: |
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Null pointer dereference vulnerability may occur due to missing NULL assignment in NAT module of freed pointer. |
Type:
CWE-416 (Use After Free)
CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
7.2/10 |
10/10 |
3.9/10 |
| Exploit range |
Attack complexity |
Authentication |
Local |
Low |
No required |
| Confidentiality impact |
Integrity impact |
Availability impact |
Complete |
Complete |
Complete |
References: |
http://www.securityfocus.com/bid/106496
https://www.codeaurora.org/security-bulletin/2019/01/07/january-2019-code-aurora-security-bulletin
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
