CVE-2018-14852

MEDIUM Year: 2018
CVSS v3 Score
6.3
Medium
CVSS v2 Score
5.8
Medium
Weakness Type
CWE-119
View all →

Vulnerability Description

Out-of-bounds array access in dhd_rx_frame in drivers/net/wireless/bcmdhd4358/dhd_linux.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to cause invalid accesses to operating system memory due to improper validation of the network interface index provided by the Wi-Fi chip's firmware.

Related Vulnerabilities

CVE-2013-3245

MEDIUM
CVSS:6.3(Medium)

plugins/demux/libmkv_plugin.dll in VideoLAN VLC Media Player 2.0.7, and possibly other versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a ...

CWE-1192013

CVE-2016-1176

MEDIUM
CVSS:6.3(Medium)

Buffer overflow in the ActiveX control in Sharp EVA Animeter allows remote attackers to execute arbitrary code via a crafted web page.

CWE-1192016

CVE-2016-1628

MEDIUM
CVSS:6.3(Medium)

pi.c in OpenJPEG, as used in PDFium in Google Chrome before 48.0.2564.109, does not validate a certain precision value, which allows remote attackers to execute arbitrary code or cause a denial of ser...

CWE-1192016

CVE-2016-1737

MEDIUM
CVSS:6.3(Medium)

Carbon in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dfont file.

CWE-1192016

CVE-2016-2837

MEDIUM
CVSS:6.3(Medium)

Heap-based buffer overflow in the ClearKey Content Decryption Module (CDM) in the Encrypted Media Extensions (EME) API in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 might allow remot...

CWE-1192016

CVE-2016-5728

MEDIUM
CVSS:6.3(Medium)

Race condition in the vop_ioctl function in drivers/misc/mic/vop/vop_vringh.c in the MIC VOP driver in the Linux kernel before 4.6.1 allows local users to obtain sensitive information from kernel memo...

CWE-1192016