{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-16T02:16:11.777","vulnerabilities":[{"cve":{"id":"CVE-2018-11263","sourceIdentifier":"product-security@qualcomm.com","published":"2018-09-06T14:29:00.260","lastModified":"2024-11-21T03:43:01.000","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In all Android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel, radio_id is received from the FW and is used to access the buffer to copy the radio stats received for each radio from FW. If the radio_id received from the FW is greater than or equal to maximum, an OOB write will occur. On supported Google Pixel and Nexus devices, this has been addressed in security patch level 2018-08-05."},{"lang":"es","value":"En todas las distribuciones de Android de CAF (Android for MSM, Firefox OS for MSM y QRD Android) que utilizan el kernel de Linux, radio_id se recibe desde el firmware y se emplea para acceder al búfer para copiar las estadísticas de radio recibidas para cada radio desde el firmware. Si el radio_id recibido desde el firmware es igual o mayor que el máximo, ocurrirá una escritura fuera de límites. En dispositivos Google Pixel y Nexus, esto se ha abordado en el parche de seguridad del nivel del 05/08/2018."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:A/AC:L/Au:N/C:P/I:P/A:P","baseScore":5.8,"accessVector":"ADJACENT_NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":6.5,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-129"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*","matchCriteriaId":"F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"}]}]}],"references":[{"url":"https://source.android.com/security/bulletin/pixel/2018-08-01","source":"product-security@qualcomm.com","tags":["Vendor Advisory"]},{"url":"https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=476ad571ec5b42c42bb1ce9468f18c7e996646ed","source":"product-security@qualcomm.com","tags":["Patch","Third Party Advisory"]},{"url":"https://www.codeaurora.org/security-bulletin/2018/08/06/august-2018-code-aurora-security-bulletin","source":"product-security@qualcomm.com","tags":["Patch","Third Party Advisory"]},{"url":"https://source.android.com/security/bulletin/pixel/2018-08-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]},{"url":"https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=476ad571ec5b42c42bb1ce9468f18c7e996646ed","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]},{"url":"https://www.codeaurora.org/security-bulletin/2018/08/06/august-2018-code-aurora-security-bulletin","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]}]}}]}