CVE-2018-11995 Information
Feb 14, 2021
cve
Description
In all android releases(Android for MSM Firefox OS for MSM QRD Android) from CAF using the linux kernel a partition name-check variable is not reset for every iteration which may cause improper termination in the META image.
CVSS Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Reference
http://www.securityfocus.com/bid/105872 https://source.codeaurora.org/quic/la/abl/tianocore/edk2/commit/?id=e3688be47d2b72f130f90dafd24b5f5acc4684ca https://www.codeaurora.org/security-bulletin/2018/11/05/november-2018-code-aurora-forum-security-bulletin
Attack Complexity
LOW
Privileges Required
LOW
User Interaction Required
LOW
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
HIGH
Base Severity
7.8
Share on: