Vulnerability Details : CVE-2018-11912
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper configuration of daemons may lead to unprivileged access.
Products affected by CVE-2018-11912
- cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2018-11912
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 10 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2018-11912
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.2
|
HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C |
3.9
|
10.0
|
NIST | |
7.8
|
HIGH | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
CWE ids for CVE-2018-11912
-
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.Assigned by: nvd@nist.gov (Primary)
References for CVE-2018-11912
-
https://source.codeaurora.org/quic/le/meta-qti-bsp/commit/?id=36a2b6dbb9b7839dcb2127bb5d6a5d90c520345f
meta-qti-bsp - Unnamed repositoryPatch;Third Party Advisory
-
https://www.codeaurora.org/security-bulletin/2018/11/05/november-2018-code-aurora-forum-security-bulletin
Page not found - Code AuroraPatch;Third Party Advisory
Jump to