Vulnerability Description
Buffer overflow in prot_get_ring_space in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to overwrite kernel memory due to improper validation of the ring buffer read pointer. The Samsung ID is SVE-2018-12029.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Samsung | Galaxy S6 Firmware | g920fxxu5eqh7 |
| Samsung | Galaxy S6 | - |
Related Weaknesses (CWE)
References
- https://github.com/securesystemslab/periscope/blob/master/bugs-found/CVE-2018-14ExploitThird Party Advisory
- https://pastebin.com/tmFrECnZExploitThird Party Advisory
- https://security.samsungmobile.com/securityUpdate.smsbVendor Advisory
- https://github.com/securesystemslab/periscope/blob/master/bugs-found/CVE-2018-14ExploitThird Party Advisory
- https://pastebin.com/tmFrECnZExploitThird Party Advisory
- https://security.samsungmobile.com/securityUpdate.smsbVendor Advisory
FAQ
What is CVE-2018-14745?
CVE-2018-14745 is a vulnerability with a CVSS score of 8.8 (HIGH). Buffer overflow in prot_get_ring_space in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to overwrit...
How severe is CVE-2018-14745?
CVE-2018-14745 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-14745?
Check the references section above for vendor advisories and patch information. Affected products include: Samsung Galaxy S6 Firmware, Samsung Galaxy S6.