CVE-2018-5863
CVE-2018-5863
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
15 Jun 2018Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
If userspace provides a too-large WPA RSN IE length in wlan_hdd_cfg80211_set_ie(), a buffer overflow occurs in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel.
Affected products
Qualcomm, Inc. · Android for MSM, Firefox OS for MSM, QRD Android