Untrusted Pointer Dereference Vulnerability in Android Releases by Qualcomm
CVE-2018-11988
7.8HIGH
Summary
An untrusted pointer dereference vulnerability exists within multiple Android releases by Qualcomm. This issue arises when a variable that has already been freed is accessed, potentially leading to software vulnerabilities and system instability. The affected products include Android for MSM, Firefox OS for MSM, and QRD Android, emphasizing the need for users to deploy security updates to mitigate associated risks. Developers and users should prioritize this patch to enhance system security and stability.
Affected Version(s)
Android for MSM, Firefox OS for MSM, QRD Android All Android releases from CAF using the Linux kernel
References
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved