In wma_nan_rsp_event_handler() in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, the data_len value is received from firmware and not properly validated which could potentially lead to an out-of-bounds access.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: qualcomm
Published: 2018-07-06T17:00:00Z
Updated: 2024-09-16T16:48:16.075Z
Reserved: 2018-01-19T00:00:00
Link: CVE-2018-5836
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2018-07-06T17:29:01.460
Modified: 2018-08-27T17:20:25.833
Link: CVE-2018-5836
Redhat
No data.