Memory Access Vulnerability in Android Releases from CAF with Linux Kernel

Memory Access Vulnerability in Android Releases from CAF with Linux Kernel

CVE-2018-11889 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, when requesting rssi timeout, access invalid memory may occur since local variable 'context' stack data of wlan function is free.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.