Medium severity5.5NVD Advisory· Published Sep 19, 2018· Updated Jun 17, 2026
CVE-2018-3574
CVE-2018-3574
Description
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, userspace can request ION cache maintenance on a secure ION buffer for which the ION_FLAG_SECURE ion flag is not set and cause the kernel to attempt to perform cache maintenance on memory which does not belong to HLOS.
Affected products
1- Qualcomm, Inc./Android for MSM, Firefox OS for MSM, QRD Androidv5Range: All Android releases from CAF using the Linux kernel
Patches
Vulnerability mechanics
References
5- source.codeaurora.org/quic/la/kernel/msm-3.10/commit/nvdPatchThird Party Advisory
- source.codeaurora.org/quic/la/kernel/msm-4.4/commit/nvdPatchThird Party Advisory
- source.codeaurora.org/quic/la/kernel/msm-4.9/commit/nvdPatchThird Party Advisory
- www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletinnvdPatchThird Party Advisory
- support.blackberry.com/kb/articleDetailnvdThird Party Advisory
News mentions
0No linked articles in our index yet.