CVE-2018-11907

2018-11-2718:00:00

qualcomm

www.cve.org

7.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.6%

JSON

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper access control can lead to device node and executable to be run from /firmware/ which presents a potential issue.

References

source.codeaurora.org/quic/le/meta-qti-bsp/commit/?id=ecd2fb4ab9e2a6851add554af03cebe337345c44

www.codeaurora.org/security-bulletin/2018/11/05/november-2018-code-aurora-forum-security-bulletin