CVE-2018-5848 vulnerability in Red Hat and Other Products
Published on June 12, 2018

In the function wmi_set_ie(), the length validation code does not handle unsigned integer overflow properly. As a result, a large value of the 'ie_len' argument can cause a buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.

Vendor Advisory Vendor Advisory Vendor Advisory NVD

Products Associated with CVE-2018-5848

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2018-5848 are published in these products:

Red Hat Virtualization Host

Debian Linux

Google Android

Red Hat Enterprise Linux Desktop

Red Hat Enterprise Linux Server

Red Hat Enterprise Linux Workstation

Affected Versions

Qualcomm, Inc. Android for MSM, Firefox OS for MSM, QRD Android Version All Android releases from CAF using the Linux kernel is affected by CVE-2018-5848

Exploit Probability

EPSS

0.15%

Percentile

35.78%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2018-5848 vulnerability in Red Hat and Other ProductsPublished on June 12, 2018

Products Associated with CVE-2018-5848

Affected Versions

Exploit Probability

CVE-2018-5848 vulnerability in Red Hat and Other Products
Published on June 12, 2018