Vulnerability Description
Possible buffer overflows and array out of bounds accesses in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05 while flashing images.
CVSS Score
7.8
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Android | - |
Related Weaknesses (CWE)
References
- https://source.android.com/security/bulletin/2018-06-01#qualcomm-componentsPatchVendor Advisory
- https://source.codeaurora.org/quic/la/abl/tianocore/edk2/commit/?id=316136f292cePatch
- https://source.android.com/security/bulletin/2018-06-01#qualcomm-componentsPatchVendor Advisory
- https://source.codeaurora.org/quic/la/abl/tianocore/edk2/commit/?id=316136f292cePatch
FAQ
What is CVE-2017-18158?
CVE-2017-18158 is a vulnerability with a CVSS score of 7.8 (HIGH). Possible buffer overflows and array out of bounds accesses in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05...
How severe is CVE-2017-18158?
CVE-2017-18158 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-18158?
Check the references section above for vendor advisories and patch information. Affected products include: Google Android.