cvelist/2018/11xxx/CVE-2018-11986.json

{
    "CVE_data_meta": {
        "ASSIGNER": "product-security@qualcomm.com",
        "ID": "CVE-2018-11986",
        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "product": {
                        "product_data": [
                            {
                                "product_name": "Android for MSM, Firefox OS for MSM, QRD Android",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "All Android releases from CAF using the Linux kernel"
                                        }
                                    ]
                                }
                            }
                        ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                }
            ]
        }
    },
    "data_format": "MITRE",
    "data_type": "CVE",
    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Possible buffer overflow in TX and RX FIFOs of microcontroller in camera subsystem used to exchange commands and messages between Micro FW and CPP driver."
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "Buffer Copy Without Checking Size of Input in Camera"
                    }
                ]
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "name": "https://www.codeaurora.org/security-bulletin/2018/12/03/december-2018-code-aurora-security-bulletin",
                "refsource": "CONFIRM",
                "url": "https://www.codeaurora.org/security-bulletin/2018/12/03/december-2018-code-aurora-security-bulletin"
            }
        ]
    }
}