CVE-2017-18063

Name of the Vulnerable Software and Affected Versions: Android (affected versions not specified)

Description: The issue is related to the wma nlo match evt handler function in the WLAN component of the Android operating system, which is part of the CAF repository. It involves an out-of-bounds memory access operation. This could allow an attacker to execute arbitrary code in the context of a privileged process using a specially crafted file. The problem arises from improper input validation for the nlo event in the wma nlo match evt handler() function, which receives input from firmware.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.