Use After Free Vulnerability in IPA Driver for Android Releases

Use After Free Vulnerability in IPA Driver for Android Releases

CVE-2018-5846 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

A Use After Free condition can occur in the IPA driver whenever the IPA IOCTLs IPA_IOC_NOTIFY_WAN_UPSTREAM_ROUTE_ADD/IPA_IOC_NOTIFY_WAN_UPSTREAM_ROUTE_DEL/IPA_IOC_NOTIFY_WAN_EMBMS_CONNECTED are called in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.