2018-05-18 17:04:16 -04:00
{
"CVE_data_meta" : {
2018-09-18 13:12:45 +05:30
"ASSIGNER" : "product-security@qualcomm.com" ,
2018-05-18 17:04:16 -04:00
"ID" : "CVE-2018-11278" ,
2018-09-18 13:12:45 +05:30
"STATE" : "PUBLIC"
} ,
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Android for MSM, Firefox OS for MSM, QRD Android" ,
"version" : {
"version_data" : [
{
"version_value" : "All Android releases from CAF using the Linux kernel"
}
]
}
}
]
} ,
"vendor_name" : "Qualcomm, Inc."
}
]
}
2018-05-18 17:04:16 -04:00
} ,
"data_format" : "MITRE" ,
"data_type" : "CVE" ,
"data_version" : "4.0" ,
"description" : {
"description_data" : [
{
"lang" : "eng" ,
2018-09-19 10:26:48 -04:00
"value" : "In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Venus HW searches for start code when decoding input bit stream buffers. If start code is not found in entire buffer, there is over-fetch beyond allocation length. This leads to page fault."
2018-09-18 13:12:45 +05:30
}
]
} ,
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng" ,
"value" : "Buffer Over-read in Video"
}
]
}
]
} ,
"references" : {
"reference_data" : [
2018-09-18 14:05:02 -04:00
{
"name" : "https://source.codeaurora.org/quic/la/platform/hardware/qcom/media/commit/?id=6c7dbdb2f067bf844beef2c41d9d67cacc3adfa6" ,
"refsource" : "CONFIRM" ,
"url" : "https://source.codeaurora.org/quic/la/platform/hardware/qcom/media/commit/?id=6c7dbdb2f067bf844beef2c41d9d67cacc3adfa6"
} ,
2018-09-18 13:12:45 +05:30
{
"name" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin" ,
"refsource" : "CONFIRM" ,
"url" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin"
2018-05-18 17:04:16 -04:00
}
]
}
}
