Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in the function wma_tbttoffset_update_event_handler(), a parameter received from firmware is used to allocate memory for a local buffer and is not properly validated. This can potentially result in an integer overflow subsequently leading to a heap overwrite.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Android Modem驱动程序权限许可和访问控制漏洞
Vulnerability Description
Android是美国谷歌(Google)公司和开放手持设备联盟(简称OHA)共同开发的一套以Linux为基础的开源操作系统。Qualcomm Modem driver是其中的一个调制解调器驱动程序。 Android 2018-04-05之前版本中Qualcomm Modem驱动程序存在提权漏洞,该漏洞源于‘wma_tbttoffset_update_event_handler()’函数没有校验来自固件的参数,直接使用该参数为本地缓冲区分配内存。远程攻击者可通过诱使用户打开特制的文件利用该漏洞获取提升的权限
CVSS Information
N/A
Vulnerability Type
N/A