CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-3580
https://notcve.org/view.php?id=CVE-2018-3580
Stack-based buffer overflow can occur In the WLAN driver if the pmkid_count value is larger than the PMKIDCache size in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. Puede ocurrir un desbordamiento de búfer basado en pila en el controlador WLAN si el valor pmkid_count es mayor que el tamaño de PMKIDCache en todas las distribuciones de Android de CAF (Android for MSM, Firefox OS for MSM y QRD Android) que utilizan el kernel de Linux. • https://source.android.com/security/bulletin/2018-05-01 https://www.codeaurora.org/security-bulletin/2018/05/11/may-2018-code-aurora-security-bulletin-2 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-5841
https://notcve.org/view.php?id=CVE-2018-5841
dcc_curr_list is initialized with a default invalid value that is expected to be programmed by the user through a sysfs node which could lead to an invalid access in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. dcc_curr_list se inicializa con un valor por defecto no válido que se espera que sea programado por el usuario mediante un nodo sysfs, lo que podría conducir a un acceso no válido en todas las distribuciones de Android de CAF (Android for MSM, Firefox OS for MSM, QRD Android) que utilizan el kernel de Linux. • https://source.android.com/security/bulletin/2018-05-01 https://www.codeaurora.org/security-bulletin/2018/05/11/may-2018-code-aurora-security-bulletin-2 • CWE-1188: Initialization of a Resource with an Insecure Default •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-3578
https://notcve.org/view.php?id=CVE-2018-3578
Type mismatch for ie_len can cause the WLAN driver to allocate less memory on the heap due to implicit casting leading to a heap buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. La no coincidencia de tipos en ie_len puede provocar que el controlador WLAN asigne menos memoria en la memoria dinámica (heap) debido al casting implícito que conduce a un desbordamiento de búfer basado en memoria dinámica (heap) en todas las distribuciones de Android de CAF (Android for MSM, Firefox OS for MSM y QRD Android) que utilizan el kernel de Linux. • https://source.android.com/security/bulletin/2018-05-01 https://www.codeaurora.org/security-bulletin/2018/05/11/may-2018-code-aurora-security-bulletin-2 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-3565
https://notcve.org/view.php?id=CVE-2018-3565
While sending a probe request indication in lim_send_sme_probe_req_ind() in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel, a buffer overflow can occur. Mientras se envía una indicación de petición de sondeo en lim_send_sme_probe_req_ind() en todas las distribuciones de Android de CAF (Android for MSM, Firefox OS for MSM, QRD Android) que utilizan el kernel de Linux, podría ocurrir un desbordamiento de búfer. • https://source.android.com/security/bulletin/2018-05-01 https://www.codeaurora.org/security-bulletin/2018/05/11/may-2018-code-aurora-security-bulletin-2 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 0CVE-2018-5151
https://notcve.org/view.php?id=CVE-2018-5151
Memory safety bugs were reported in Firefox 59. ... This vulnerability affects Firefox < 60. Se ha informado sobre errores de seguridad de memoria en Firefox 59. ... Esta vulnerabilidad afecta a las versiones anteriores a la 60 de Firefox. • http://www.securityfocus.com/bid/104139 http://www.securitytracker.com/id/1040896 https://bugzilla.mozilla.org/buglist.cgi?bug_id=1445234%2C1449530%2C1437455%2C1447989%2C1438827%2C1436983%2C1435036%2C1440465%2C1439723%2C1448771%2C1453653%2C1454359%2C1432323%2C1454126%2C1436759%2C1439655%2C1448612%2C1449358%2C1367727%2C1452417 https://usn.ubuntu.com/3645-1 https://www.mozilla.org/security/advisories/mfsa2018-11 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •