CVE-2018-11262

In Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel while trying to find out total number of partition via a non zero check, there could be possibility where the 'TotalPart' could cross 'GptHeader->MaxPtCnt' and which could result in OOB write in patching GPT.
Configurations

Configuration 1 (hide)

cpe:2.3:o:google:android:-:*:*:*:*:*:*:*

History

21 Nov 2024, 03:43

Type Values Removed Values Added
References () http://www.securityfocus.com/bid/106949 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/106949 - Third Party Advisory, VDB Entry
References () https://source.codeaurora.org/quic/la/abl/tianocore/edk2/commit/?id=29ab5eb75bc9ed01466ab1a98e932e59fe27ad42 - Patch, Third Party Advisory () https://source.codeaurora.org/quic/la/abl/tianocore/edk2/commit/?id=29ab5eb75bc9ed01466ab1a98e932e59fe27ad42 - Patch, Third Party Advisory
References () https://www.codeaurora.org/security-bulletin/2018/08/06/august-2018-code-aurora-security-bulletin - Patch, Third Party Advisory () https://www.codeaurora.org/security-bulletin/2018/08/06/august-2018-code-aurora-security-bulletin - Patch, Third Party Advisory

Information

Published : 2018-09-04 16:29

Updated : 2024-11-21 03:43


NVD link : CVE-2018-11262

Mitre link : CVE-2018-11262

CVE.ORG link : CVE-2018-11262


JSON object : View

Products Affected

google

  • android
CWE
CWE-682

Incorrect Calculation

CWE-787

Out-of-bounds Write