Heap Overflow Vulnerability in CAF Android Releases with Linux Kernel

Heap Overflow Vulnerability in CAF Android Releases with Linux Kernel

CVE-2018-11985 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, When allocating heap using user supplied size, Possible heap overflow vulnerability due to integer overflow in roundup to native pointer.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.