Vulnerability Details CVE-2018-21054
An issue was discovered on Samsung mobile devices with M(6.0), N(7.x) and O(8.x) except exynos9610/9820 in all Platforms, M(6.0) except MSM8909 SC77xx/9830 exynos3470/5420, N(7.0) except MSM8939, N(7.1) except MSM8996 SDM6xx/M6737T software. There is an integer underflow with a resultant buffer overflow in eCryptFS. The Samsung ID is SVE-2017-11857 (September 2018).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 37.9%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2018-21054
-
cpe:2.3:h:mediatek:m6737t:-
-
cpe:2.3:h:qualcomm:msm8909:-
-
cpe:2.3:h:qualcomm:msm8939:-
-
cpe:2.3:h:qualcomm:msm8996:-
-
cpe:2.3:h:qualcomm:msm9830:-
-
cpe:2.3:h:qualcomm:sdm6xx:-
-
cpe:2.3:h:samsung:exynos_3470:-
-
cpe:2.3:h:samsung:exynos_5420:-
-
cpe:2.3:h:samsung:exynos_9610:-
-
cpe:2.3:h:samsung:exynos_9820:-
-
cpe:2.3:h:unisoc:sc7715:-
-
cpe:2.3:h:unisoc:sc7730:-
-
cpe:2.3:h:unisoc:sc7731:-
-
cpe:2.3:o:google:android:6.0
-
cpe:2.3:o:google:android:7.0
-
cpe:2.3:o:google:android:7.1
-
cpe:2.3:o:google:android:7.1.0
-
cpe:2.3:o:google:android:7.1.1
-
cpe:2.3:o:google:android:7.1.2
-
cpe:2.3:o:google:android:8.0
-
cpe:2.3:o:google:android:8.1