National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

CVE-2018-11904 Detail

Current Description

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, asynchronous callbacks received a pointer to a callers local variable. Should the caller return early (e.g., timeout), the callback will dereference an invalid pointer.

Source:  MITRE
Description Last Modified:  09/19/2018
View Analysis Description

Impact

CVSS v3.0 Severity and Metrics:

Base Score: 7.8 HIGH
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (V3 legend)
Impact Score: 5.9
Exploitability Score: 1.8


Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): Low
User Interaction (UI): None
Scope (S): Unchanged
Confidentiality (C): High
Integrity (I): High
Availability (A): High

CVSS v2.0 Severity and Metrics:

Base Score: 7.2 HIGH
Vector: (AV:L/AC:L/Au:N/C:C/I:C/A:C) (V2 legend)
Impact Subscore: 10.0
Exploitability Subscore: 3.9


Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (AU): None
Confidentiality (C): Complete
Integrity (I): Complete
Availability (A): Complete
Additional Information:
Allows unauthorized disclosure of information
Allows unauthorized modification
Allows disruption of service

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink Resource
https://source.codeaurora.org/quic/la//platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=0a755b400876ab4d58151e98462d3fa8fe099f61 Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=00022c12e0cad8b735f94d6ee3785a557b4a3df2 Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=3815e870ef906409af4a228f66d9400081227b75 Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=667b3108d10e9580bf9f6d337c759dc88a1a0bdc Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=731ebf70a25ab2cdc32d2626dcebe60fe3b09481 Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=85ea1c126b05f133206cd9c6d8d9fbf137d81d27 Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=8ee65e3c9addab1d3c15ba013401f5698fb73594 Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=9a8f1aeb8055de80137e769fae637cd480495509 Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=a009a84d04bfac2a5c01101f38a70d216960fac0 Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=a4b4267f94802e0a4d93999649710bbf340796d5 Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=be70d02f12cb9a71a9b07b601f0efafc99718ec9 Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=ebf1042efb9bd4517cd09a543bb4e3a164de8771 Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=ec9896d0bc7521bbbe6dc28a198635dc281e7358 Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/prima/commit/?id=f9f86fd07af5606d0cb74c3eca5b2cbfda509345 Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?h=wlan-cld2.driver.lnx.1.0.r21-rel&id=391d37818aaa8038a06662075dd8893501452931 Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=106f5c62b01b5a212bb53d13e3a3e70db2baedee Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=174c053d1aa1bf5395647e3927d718255f3cbe75 Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=17f6fbb4b52a6acdd831ebaffdac9bbc88d2f423 Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=191f02a7ec2a4cccaebbdac8d36897e1ae125244 Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=335ae3f8b353b6c7260eacb6aa706bb30f8a6bdc Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=3ea5197d268c6f4ed08fb866b587349f7049c6d5 Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=4aa30844e28eb4b410f86d97e970a39fcdfd797d Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=4abed07fd2380b6073f5cc9f2a701773e914f86f Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=54e7d8fa44202a8528ef33d85381bca63d7749a5 Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=57a5e1f62cd3230fd046b199eee902507100e18c Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=78a681f9d0d8e9843223dc42d02443e911b196a1 Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=846f561170f0f4f6345d6b0ce1c35bf7059126cb Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=8dc81c98ed72c99983660d5b94c2c8283bc1ff7f Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=9048145ff167fb8f9f8d2a9845ee1d1b45c4884c Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=99c0ddb04e8de0b8139778c7fb77b1957d113769 Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=9e040e43da5fe987747e16b305d7adf66977420f Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=a978afb1838273e0d7a7ec86dd8bc9db85dff49d Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=b98f8aafb23cbc8e883870bcc9dac165b3d75ae6 Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=d42e72aa69a02531396b5a37cadebf927a757aa6 Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=eb72224cc57092448663fecc2c9bfa0f775eb770 Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=fb2f07b3b0d637a403bb891c57e76b6345a92cf0 Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=002cb97a955832197f3ceebfa8b32bd12b946151 Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=0c5a2ba407f23efd89cac6dc45e2ab9bdba3ada1 Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=17275491f327909b32945ec1f465968021d22a7f Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=239aba9a1a4a474d86bde9cb67bfb1b2d6379a7c Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=7af334bfc3375c9f85a330b84db17c0db1d6dade Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=9ab5a5a0b63075cfd095ed6bcf506b4704c523e1 Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=a544494791b6307a2fe52fa282768083deb8a317 Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=a6ace5b9ea34f22b136a35248087efc2ceb35fd4 Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=c13bdf105aa20559d2d783508051ad2dd3cfa65b Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=dd9ae2971b493909879cc2fd0fa97d12e1560762 Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=dda167ca8104de77f46fd29c66f66f807c63b309 Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=ee9797fbefb45eee88c92420a24cda838cff6b45 Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=f11eeadd214e081a824f30aec5cb52d390ef576c Patch Third Party Advisory
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=f7ee321d5f31ce5bc6a4cbec72a965d272b3b77b Patch Third Party Advisory
https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin Patch Third Party Advisory

Technical Details

Vulnerability Type (View All)

  • NULL Pointer Dereference (CWE-476)

Vulnerable software and versions Switch to CPE 2.2

Configuration 1
OR
cpe:2.3:o:google:android:-:*:*:*:*:*:*:*

Denotes Vulnerable Software
Are we missing a CPE here? Please let us know.

Change History

2 change records found - show changes

Quick Info

CVE Dictionary Entry:
CVE-2018-11904
NVD Published Date:
09/19/2018
NVD Last Modified:
11/09/2018