High severity7.8NVD Advisory· Published Sep 18, 2018· Updated Jun 17, 2026

CVE-2018-11302

Description

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check of input received from userspace before copying into buffer can lead to potential array overflow in WLAN.

Affected products

CAF/Android for MSMllm-fuzzy
Qualcomm, Inc./Android for MSM, Firefox OS for MSM, QRD Androidv5
Range: All Android releases from CAF using the Linux kernel

Patches

Vulnerability mechanics

References

source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/nvdPatchThird Party Advisory
www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletinnvdPatchThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.507
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000