Vulnerabilities > CVE-2018-5860 - Access of Uninitialized Pointer vulnerability in Google Android

CVSS 4.9 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

local

low complexity

google

CWE-824

NVD

Published: 2018-06-15

Updated: 2018-08-06

Summary

In the MDSS driver in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel, a data structure may be used without being initialized correctly.

Vulnerable Configurations

Part	Description	Count
OS	Google Google Android -	1

Common Weakness Enumeration (CWE)

CWE-824 - Access of Uninitialized Pointer

References

https://www.codeaurora.org/security-bulletin/2018/06/04/june-2018-code-aurora-security-bulletin