Vulnerability Details CVE-2018-11275
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, when flashing image using FastbootLib if size is not divisible by block size, information leak occurs.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 14.1%
CVSS Severity
CVSS v3 Score 5.5
CVSS v2 Score 4.9
References
- http://www.securityfocus.com/bid/106949
- https://source.codeaurora.org/quic/la/abl/tianocore/edk2/commit/?id=bf0261ab128f28763258c620bc95ca379a286b59
- https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin
- http://www.securityfocus.com/bid/106949
- https://source.codeaurora.org/quic/la/abl/tianocore/edk2/commit/?id=bf0261ab128f28763258c620bc95ca379a286b59
- https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin