CVE-2017-15815

Name of the Vulnerable Software and Affected Versions: Android for MSM versions (affected versions not specified) QRD Android versions (affected versions not specified) Firefox OS for MSM versions (affected versions not specified) All Android releases from CAF using the Linux kernel versions (affected versions not specified)

Description: A potential buffer overflow issue exists when processing 802.11 MGMT frames, such as Auth frames, in the limProcessAuthFrame function. This issue is related to the WLAN component of the Android operating system from the CAF repository. Exploitation of this issue may allow a remote attacker to execute arbitrary code.

Recommendations: For Android for MSM, consider disabling the WLAN component until a patch is available. For QRD Android, restrict access to the limProcessAuthFrame function to minimize the risk of exploitation. For Firefox OS for MSM, avoid using the WLAN component in the affected Android releases from CAF using the Linux kernel until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.