Vulnerability Details CVE-2018-14745
Buffer overflow in prot_get_ring_space in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to overwrite kernel memory due to improper validation of the ring buffer read pointer. The Samsung ID is SVE-2018-12029.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 28.4%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 5.8
References
- https://github.com/securesystemslab/periscope/blob/master/bugs-found/CVE-2018-14745.md
- https://pastebin.com/tmFrECnZ
- https://security.samsungmobile.com/securityUpdate.smsb
- https://github.com/securesystemslab/periscope/blob/master/bugs-found/CVE-2018-14745.md
- https://pastebin.com/tmFrECnZ
- https://security.samsungmobile.com/securityUpdate.smsb
Products affected by CVE-2018-14745
-
cpe:2.3:h:samsung:galaxy_s6:-
-
cpe:2.3:o:samsung:galaxy_s6_firmware:g920fxxu5eqh7