CVE-2018-11260

Severity CVSS v4.0:
Pending analysis
Type:
CWE-190 Integer Overflow or Wraparound
Publication date:
27/11/2018
Last modified:
21/12/2018

Description

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing a fast Initial link setup (FILS) connection request, integer overflow may lead to a buffer overflow when the key length is zero.

Vulnerable products and versions

CPE From Up to
cpe:2.3:o:google:android:-:*:*:*:*:*:*:*