CVE-2018-5834
Description
In __wlan_hdd_cfg80211_vendor_scan(), a buffer overwrite can potentially occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A buffer overwrite in the WLAN host driver's vendor scan handler could lead to arbitrary code execution in the kernel.
Vulnerability
In __wlan_hdd_cfgopt_vendor_scan() in the WLAN host driver, a buffer overwrite can potentially occur in Android releases from CAF (Code Aurora Forum) using the Linux kernel. The affected versions include Android for MSM, Firefox OS for MSM, and QRD Android before the security patch level 2018-06-05. The bug can be triggered via a vendor-specific scan command [1].
Exploitation
An attacker needs to be able to interact with the affected device through a wireless interface or an app that can send vendor-specific NL80211 commands. No special authentication is required beyond normal access to the radio layer. By crafting a malicious vendor scan request with oversized data, the attacker can trigger a buffer overwrite [1].
Impact
Successful exploitation leads to a buffer overflow in kernel memory, which can result in arbitrary code execution in the kernel context. This gives the attacker full control over the device's operating system, compromising all confidentiality, integrity, and availability [1].
Mitigation
Google's Android Security Bulletin for June 2018 lists this issue as fixed. Qualcomm released a patch for the driver, and the fix was integrated into the Android security patch level 2018-06-05. Devices that have not received this patch remain vulnerable. No workaround is documented [1].
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Qualcomm, Inc./Android for MSM, Firefox OS for MSM, QRD Androidv5Range: All Android releases from CAF using the Linux kernel
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- source.android.com/security/bulletin/2018-06-01mitrex_refsource_CONFIRM
- source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/mitrex_refsource_CONFIRM
- www.codeaurora.org/security-bulletin/2018/07/02/july-2018-code-aurora-security-bulletinmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.