← voltar
CVE-2018-11278

CVE-2018-11278

EPSS 0.2%
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Venus HW searches for start code when decoding input bit stream buffers. If start code is not found in entire buffer, there is over-fetch beyond allocation length. This leads to page fault.
Produtos afetados
Qualcomm, Inc. · Android for MSM, Firefox OS for MSM, QRD Android

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://source.codeaurora.org/quic/la/platform/hardware/qcom/media/commit/?id=6c7dbdb2f067bf844beef2c41d9d67cacc3adfa6https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin