Vulnerabilities > CVE-2018-5841 - Insecure Default Initialization of Resource vulnerability in Google Android
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
dcc_curr_list is initialized with a default invalid value that is expected to be programmed by the user through a sysfs node which could lead to an invalid access in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 1 |