Vulnerability Description
In the KGSL driver in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, a reference counting error can lead to a Use After Free condition.
CVSS Score
7.8
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Android | - |
Related Weaknesses (CWE)
References
- https://source.android.com/security/bulletin/2018-06-01#qualcomm-componentsVendor Advisory
- https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e3e13d745238ad8PatchThird Party Advisory
- https://www.codeaurora.org/security-bulletin/2018/07/02/july-2018-code-aurora-sePatchThird Party Advisory
- https://source.android.com/security/bulletin/2018-06-01#qualcomm-componentsVendor Advisory
- https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=e3e13d745238ad8PatchThird Party Advisory
- https://www.codeaurora.org/security-bulletin/2018/07/02/july-2018-code-aurora-sePatchThird Party Advisory
FAQ
What is CVE-2018-5831?
CVE-2018-5831 is a vulnerability with a CVSS score of 7.8 (HIGH). In the KGSL driver in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, a reference counting error can lead to...
How severe is CVE-2018-5831?
CVE-2018-5831 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-5831?
Check the references section above for vendor advisories and patch information. Affected products include: Google Android.