Use-after-free in Google Android - CVE-2018-11300
Published: September 18, 2018 / Updated: August 8, 2020
Vulnerability identifier: #VU36667
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2018-11300
CWE-ID: CWE-416
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Google
Affected software:
Google Android
Google Android
Detailed vulnerability description
The vulnerability allows a local authenticated user to execute arbitrary code.
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, callback executed from the other thread has freed memory which is also used in wlan function and may result in to a "Use after free" scenario.
How to mitigate CVE-2018-11300
Install update from vendor's website.
Sources
- https://source.android.com/security/bulletin/pixel/2018-09-01#qualcomm-components
- https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=1f111832dc93bc639538dc173397b30af329b130
- https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin