CVE-2017-11015

Name of the Vulnerable Software and Affected Versions Android (affected versions not specified)

Description The issue is related to a buffer overflow in the WLAN component of the Android operating system, specifically in the Linux kernel used by Android releases from CAF. The buffer overflow occurs because the frame parser allows challenge text of length up to 253 bytes, but the driver can only handle challenge text up to 128 bytes, as defined by the SIR MAC AUTH CHALLENGE LENGTH value. This could potentially allow a remote attacker to execute arbitrary code in the context of a privileged process by using a specially crafted file.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.