vulnerability
SUSE: CVE-2018-5848: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:L/AC:L/Au:N/C:P/I:P/A:P) | Jun 12, 2018 | Jun 21, 2018 | Feb 4, 2022 |
Severity
5
CVSS
(AV:L/AC:L/Au:N/C:P/I:P/A:P)
Published
Jun 12, 2018
Added
Jun 21, 2018
Modified
Feb 4, 2022
Description
In the function wmi_set_ie(), the length validation code does not handle unsigned integer overflow properly. As a result, a large value of the 'ie_len' argument can cause a buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
Solution(s)
suse-upgrade-kernel-azure-basesuse-upgrade-kernel-defaultsuse-upgrade-kernel-default-extrasuse-upgrade-kernel-default-mansuse-upgrade-kernel-devel-azuresuse-upgrade-kernel-docssuse-upgrade-kernel-obs-buildsuse-upgrade-kernel-source-azure
References
- SUSE-SUSE-SU-2018:1761-1
- SUSE-SUSE-SU-2018:1762-1
- SUSE-SUSE-SU-2018:1772-1
- SUSE-SUSE-SU-2018:1816-1
- SUSE-SUSE-SU-2018:1855-1
- SUSE-SUSE-SU-2018:1855-2
- SUSE-SUSE-SU-2018:2092-1
- SUSE-SUSE-SU-2018:4127-1
- SUSE-SUSE-SU-2018:4153-1
- SUSE-SUSE-SU-2018:4157-1
- SUSE-SUSE-SU-2018:4195-1
- SUSE-SUSE-SU-2018:4208-1
- SUSE-SUSE-SU-2018:4238-1
- NVD-CVE-2018-5848
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.