PT-2017-11726 · Qualcomm+3 · Qrd Android+3
Published
2017-10-10
·
Updated
2019-10-03
·
CVE-2017-11062
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Android for MSM versions (affected versions not specified)
Firefox OS for MSM versions (affected versions not specified)
QRD Android versions (affected versions not specified)
Description
The issue is related to the lack of validation of attributes in the
wlan hdd cfg80211 do acs function, potentially leading to a buffer overread. This affects Android releases from CAF using the Linux kernel.Recommendations
For Android for MSM, ensure proper validation of attributes in the
wlan hdd cfg80211 do acs function to prevent buffer overread.
For Firefox OS for MSM, consider implementing input validation for the wlan hdd cfg80211 do acs function as a mitigation measure.
For QRD Android, restrict access to the wlan hdd cfg80211 do acs function until a proper fix is applied.Fix
Out of bounds Read
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Android
Firefox Os
Linux Kernel
Qrd Android