CVE-2018-3562
Vulnerability from cvelistv5
Published
2018-06-06 21:00
Modified
2024-09-16 21:56
Severity
Summary
Buffer over -read can occur while processing a FILS authentication frame in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
References
Source | URL | Tags |
---|---|---|
nvd@nist.gov | https://source.android.com/security/bulletin/2018-05-01 | Patch, Vendor Advisory |
product-security@qualcomm.com | https://www.codeaurora.org/security-bulletin/2018/05/11/may-2018-code-aurora-security-bulletin-2 | Patch, Third Party Advisory |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T04:50:30.156Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.codeaurora.org/security-bulletin/2018/05/11/may-2018-code-aurora-security-bulletin-2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "Android for MSM, Firefox OS for MSM, QRD Android", "vendor": "Qualcomm, Inc.", "versions": [ { "status": "affected", "version": "All Android releases from CAF using the Linux kernel" } ] } ], "datePublic": "2018-05-11T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer over -read can occur while processing a FILS authentication frame in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel." } ], "problemTypes": [ { "descriptions": [ { "description": "Buffer Over-read in WLAN", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-06-06T20:57:01", "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://www.codeaurora.org/security-bulletin/2018/05/11/may-2018-code-aurora-security-bulletin-2" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "product-security@qualcomm.com", "DATE_PUBLIC": "2018-05-11T00:00:00", "ID": "CVE-2018-3562", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "Android for MSM, Firefox OS for MSM, QRD Android", "version": { "version_data": [ { "version_value": "All Android releases from CAF using the Linux kernel" } ] } } ] }, "vendor_name": "Qualcomm, Inc." } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer over -read can occur while processing a FILS authentication frame in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "Buffer Over-read in WLAN" } ] } ] }, "references": { "reference_data": [ { "name": "https://www.codeaurora.org/security-bulletin/2018/05/11/may-2018-code-aurora-security-bulletin-2", "refsource": "MISC", "url": "https://www.codeaurora.org/security-bulletin/2018/05/11/may-2018-code-aurora-security-bulletin-2" } ] } } } }, "cveMetadata": { "assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "assignerShortName": "qualcomm", "cveId": "CVE-2018-3562", "datePublished": "2018-06-06T21:00:00Z", "dateReserved": "2017-12-19T00:00:00", "dateUpdated": "2024-09-16T21:56:53.687Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2018-3562\",\"sourceIdentifier\":\"product-security@qualcomm.com\",\"published\":\"2018-06-06T21:29:00.267\",\"lastModified\":\"2018-07-17T17:46:42.600\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"Buffer over -read can occur while processing a FILS authentication frame in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.\"},{\"lang\":\"es\",\"value\":\"Puede ocurrir una sobrelectura de b\u00fafer al procesar un frame de autenticaci\u00f3n FILS en todas las distribuciones de Android de CAF (Android for MSM, Firefox OS for MSM, QRD Android) que utilizan el kernel de Linux.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:C\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\",\"baseScore\":7.1},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26\"}]}]}],\"references\":[{\"url\":\"https://source.android.com/security/bulletin/2018-05-01\",\"source\":\"nvd@nist.gov\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://www.codeaurora.org/security-bulletin/2018/05/11/may-2018-code-aurora-security-bulletin-2\",\"source\":\"product-security@qualcomm.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}" } }
Loading...