Buffer overflow in prot_get_ring_space in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to overwrite kernel memory due to improper validation of the ring buffer read pointer. The Samsung ID is SVE-2018-12029.
References
Link | Resource |
---|---|
https://github.com/securesystemslab/periscope/blob/master/bugs-found/CVE-2018-14745.md | Exploit Third Party Advisory |
https://pastebin.com/tmFrECnZ | Exploit Third Party Advisory |
https://security.samsungmobile.com/securityUpdate.smsb | Vendor Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2019-03-15T22:00:00
Updated: 2019-03-21T20:12:57
Reserved: 2018-07-29T00:00:00
Link: CVE-2018-14745
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-03-21T16:00:20.890
Modified: 2019-04-01T14:00:08.520
Link: CVE-2018-14745
JSON object: View
Redhat Information
No data.
CWE