CVE-2018-21054

An issue was discovered on Samsung mobile devices with M(6.0), N(7.x) and O(8.x) except exynos9610/9820 in all Platforms, M(6.0) except MSM8909 SC77xx/9830 exynos3470/5420, N(7.0) except MSM8939, N(7.1) except MSM8996 SDM6xx/M6737T software. There is an integer underflow with a resultant buffer overflow in eCryptFS. The Samsung ID is SVE-2017-11857 (September 2018).
References
Configurations

Configuration 1 (hide)

AND
OR cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:7.1.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:7.1.1:*:*:*:*:*:*:*
cpe:2.3:o:google:android:7.1.2:*:*:*:*:*:*:*
cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*
OR cpe:2.3:h:samsung:exynos_9610:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_9820:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*
OR cpe:2.3:h:qualcomm:msm8909:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:msm9830:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_3470:-:*:*:*:*:*:*:*
cpe:2.3:h:samsung:exynos_5420:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:sc7715:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:sc7730:-:*:*:*:*:*:*:*
cpe:2.3:h:unisoc:sc7731:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:msm8939:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:google:android:7.1:*:*:*:*:*:*:*
OR cpe:2.3:h:mediatek:m6737t:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:msm8996:-:*:*:*:*:*:*:*
cpe:2.3:h:qualcomm:sdm6xx:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2020-04-08 18:15

Updated : 2023-12-10 13:27


NVD link : CVE-2018-21054

Mitre link : CVE-2018-21054

CVE.ORG link : CVE-2018-21054


JSON object : View

Products Affected

unisoc

  • sc7730
  • sc7731
  • sc7715

qualcomm

  • msm8939
  • sdm6xx
  • msm8909
  • msm8996
  • msm9830

samsung

  • exynos_9820
  • exynos_5420
  • exynos_3470
  • exynos_9610

mediatek

  • m6737t

google

  • android
CWE
CWE-190

Integer Overflow or Wraparound