cvelist/2018/11xxx/CVE-2018-11842.json

{
   "CVE_data_meta" : {
      "ASSIGNER" : "product-security@qualcomm.com",
      "ID" : "CVE-2018-11842",
      "STATE" : "PUBLIC"
   },
   "affects" : {
      "vendor" : {
         "vendor_data" : [
            {
               "product" : {
                  "product_data" : [
                     {
                        "product_name" : "Android for MSM, Firefox OS for MSM, QRD Android",
                        "version" : {
                           "version_data" : [
                              {
                                 "version_value" : "All Android releases from CAF using the Linux kernel"
                              }
                           ]
                        }
                     }
                  ]
               },
               "vendor_name" : "Qualcomm, Inc."
            }
         ]
      }
   },
   "data_format" : "MITRE",
   "data_type" : "CVE",
   "data_version" : "4.0",
   "description" : {
      "description_data" : [
         {
            "lang" : "eng",
            "value" : "In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, during wlan association, driver allocates memory. In case the mem allocation fails driver does a mem free though the memory was not allocated."
         }
      ]
   },
   "problemtype" : {
      "problemtype_data" : [
         {
            "description" : [
               {
                  "lang" : "eng",
                  "value" : "Use of Uninitialized Variable in WLAN"
               }
            ]
         }
      ]
   },
   "references" : {
      "reference_data" : [
         {
            "name" : "https://source.android.com/security/bulletin/2018-09-01#qualcomm-components",
            "refsource" : "CONFIRM",
            "url" : "https://source.android.com/security/bulletin/2018-09-01#qualcomm-components"
         },
         {
            "name" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=5eea70b9d5852e468467c1565927dbe0c76d8674",
            "refsource" : "CONFIRM",
            "url" : "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=5eea70b9d5852e468467c1565927dbe0c76d8674"
         },
         {
            "name" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin",
            "refsource" : "CONFIRM",
            "url" : "https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin"
         }
      ]
   }
}