CVE-2018-11278
CVE-2018-11278
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS —EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
18 sep 2018Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Venus HW searches for start code when decoding input bit stream buffers. If start code is not found in entire buffer, there is over-fetch beyond allocation length. This leads to page fault.
Productos afectados
Qualcomm, Inc. · Android for MSM, Firefox OS for MSM, QRD Android