Medium severity5.5NVD Advisory· Published Sep 18, 2018· Updated Jun 17, 2026

CVE-2018-11275

Description

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, when flashing image using FastbootLib if size is not divisible by block size, information leak occurs.

Affected products

CAF/fastbootllm-fuzzy
Qualcomm, Inc./Android for MSM, Firefox OS for MSM, QRD Androidv5
Range: All Android releases from CAF using the Linux kernel

Patches

Vulnerability mechanics

References

source.codeaurora.org/quic/la/abl/tianocore/edk2/commit/nvdPatchThird Party Advisory
www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletinnvdPatchThird Party Advisory
www.securityfocus.com/bid/106949nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.358
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000