Vulnerability Description
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, userspace can request ION cache maintenance on a secure ION buffer for which the ION_FLAG_SECURE ion flag is not set and cause the kernel to attempt to perform cache maintenance on memory which does not belong to HLOS.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Android | - |
Related Weaknesses (CWE)
References
- https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=3286b75d9151907PatchThird Party Advisory
- https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=09874396dfbf546ePatchThird Party Advisory
- https://source.codeaurora.org/quic/la/kernel/msm-4.9/commit/?id=53261410da625aaaPatchThird Party Advisory
- https://support.blackberry.com/kb/articleDetail?language=en_US&articleNumber=000Third Party Advisory
- https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-auroPatchThird Party Advisory
- https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=3286b75d9151907PatchThird Party Advisory
- https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=09874396dfbf546ePatchThird Party Advisory
- https://source.codeaurora.org/quic/la/kernel/msm-4.9/commit/?id=53261410da625aaaPatchThird Party Advisory
- https://support.blackberry.com/kb/articleDetail?language=en_US&articleNumber=000Third Party Advisory
- https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-auroPatchThird Party Advisory
FAQ
What is CVE-2018-3574?
CVE-2018-3574 is a vulnerability with a CVSS score of 5.5 (MEDIUM). In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, userspace can request ION cache maintenance on a secure ION buffer for which the ION_FLAG_SE...
How severe is CVE-2018-3574?
CVE-2018-3574 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-3574?
Check the references section above for vendor advisories and patch information. Affected products include: Google Android.