{"api_version":"1","generated_at":"2026-04-23T05:07:12+00:00","cve":"CVE-2018-11886","urls":{"html":"https://cve.report/CVE-2018-11886","api":"https://cve.report/api/cve/CVE-2018-11886.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2018-11886","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2018-11886"},"summary":{"title":"CVE-2018-11886","description":"In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check while calculating the MPDU data length will cause an integer overflow and then to buffer overflow in WLAN function.","state":"PUBLIC","assigner":"product-security@qualcomm.com","published_at":"2018-09-19 14:29:00","updated_at":"2018-11-09 17:25:00"},"problem_types":["CWE-190"],"metrics":[],"references":[{"url":"https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=cc0e6489d67d3fc7b196cf6806a7a5edcff33a88","name":"https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=cc0e6489d67d3fc7b196cf6806a7a5edcff33a88","refsource":"CONFIRM","tags":["Patch","Third Party Advisory"],"title":"platform/vendor/qcom-opensource/wlan/qcacld-3.0 - Unnamed repository","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin","name":"https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin","refsource":"CONFIRM","tags":["Patch","Third Party Advisory"],"title":"September 2018 Code Aurora Security Bulletin - Code Aurora","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2018-11886","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-11886","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2018","cve_id":"11886","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"google","cpe5":"android","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2018","cve_id":"11886","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"google","cpe5":"android","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2018-11886","qid":"610347","title":"Google Android May 2021 Security Patch Missing for Huawei EMUI"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"product-security@qualcomm.com","ID":"CVE-2018-11886","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Android for MSM, Firefox OS for MSM, QRD Android","version":{"version_data":[{"version_value":"All Android releases from CAF using the Linux kernel"}]}}]},"vendor_name":"Qualcomm, Inc."}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check while calculating the MPDU data length will cause an integer overflow and then to buffer overflow in WLAN function."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"Integer Overflow to Buffer Overflow in WLAN"}]}]},"references":{"reference_data":[{"name":"https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin","refsource":"CONFIRM","url":"https://www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletin"},{"name":"https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=cc0e6489d67d3fc7b196cf6806a7a5edcff33a88","refsource":"CONFIRM","url":"https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=cc0e6489d67d3fc7b196cf6806a7a5edcff33a88"}]}},"nvd":{"publishedDate":"2018-09-19 14:29:00","lastModifiedDate":"2018-11-09 17:25:00","problem_types":["CWE-190"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE","baseScore":7.2},"severity":"HIGH","exploitabilityScore":3.9,"impactScore":10,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2018","CveId":"11886","Ordinal":"128398","Title":"CVE-2018-11886","CVE":"CVE-2018-11886","Year":"2018"},"notes":[{"CveYear":"2018","CveId":"11886","Ordinal":"1","NoteData":"In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check while calculating the MPDU data length will cause an integer overflow and then to buffer overflow in WLAN function.","Type":"Description","Title":null},{"CveYear":"2018","CveId":"11886","Ordinal":"2","NoteData":"2018-09-19","Type":"Other","Title":"Published"},{"CveYear":"2018","CveId":"11886","Ordinal":"3","NoteData":"2018-09-19","Type":"Other","Title":"Modified"}]}}}