Buffer Overflow Vulnerability in Samsung Galaxy S6 Wi-Fi Driver
CVE-2018-14745

8.8HIGH

Key Information:

Vendor

Samsung
Status
Galaxy S6 Firmware
Vendor
CVE Published:
21 March 2019

What is CVE-2018-14745?

The buffer overflow vulnerability in the bcmdhd4358 Wi-Fi driver for the Samsung Galaxy S6 allows an attacker with control over the Wi-Fi chip to manipulate the kernel memory. This occurs due to a lack of proper validation when accessing the ring buffer read pointer, potentially leading to serious exploit scenarios.

References

https://pastebin.com/tmFrECnZ
x_refsource_MISC
https://security.samsungmobile.com/securityUpdate.smsb
x_refsource_CONFIRM
https://github.com/securesystemslab/periscope/blob/master...
x_refsource_MISC

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.