Out-of-Bounds Write Vulnerability in GPT Partitioning on Android for MSM, Firefox OS for MSM, and QRD Android
CVE-2018-11262 · HIGH Severity
AV:L/AC:L/AU:N/C:C/I:C/A:C
In Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel while trying to find out total number of partition via a non zero check, there could be possibility where the 'TotalPart' could cross 'GptHeader->MaxPtCnt' and which could result in OOB write in patching GPT.
Learn more about our Cis Benchmark Audit For Distribution Independent Linux.