← volver
CVE-2018-11278

CVE-2018-11278

EPSS 0.2%
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Venus HW searches for start code when decoding input bit stream buffers. If start code is not found in entire buffer, there is over-fetch beyond allocation length. This leads to page fault.
Productos afectados
Qualcomm, Inc. · Android for MSM, Firefox OS for MSM, QRD Android

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://source.codeaurora.org/quic/la/platform/hardware/qcom/media/commit/?id=6c7dbdb2f067bf844beef2c41d9d67cacc3adfa6https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin