Buffer Overflow Vulnerability in Android Releases from CAF with Linux Kernel

Buffer Overflow Vulnerability in Android Releases from CAF with Linux Kernel

CVE-2018-11265 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, possible buffer overflow while incrementing the log_buf of type uint64_t in memcpy function, since the log_buf pointer can access the memory beyond the size to store the data after pointer increment.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.