Vulnerability Description
While processing the system path, an out of bounds access can occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.
CVSS Score
7.8
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Android | - |
Related Weaknesses (CWE)
References
- https://source.android.com/security/bulletin/pixel/2018-06-01#qualcomm-componentPatchVendor Advisory
- https://source.codeaurora.org/quic/la/abl/tianocore/edk2/commit/?id=5388803fa6d0Patch
- https://source.android.com/security/bulletin/pixel/2018-06-01#qualcomm-componentPatchVendor Advisory
- https://source.codeaurora.org/quic/la/abl/tianocore/edk2/commit/?id=5388803fa6d0Patch
FAQ
What is CVE-2018-5888?
CVE-2018-5888 is a vulnerability with a CVSS score of 7.8 (HIGH). While processing the system path, an out of bounds access can occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2...
How severe is CVE-2018-5888?
CVE-2018-5888 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-5888?
Check the references section above for vendor advisories and patch information. Affected products include: Google Android.