PT-2018-6022 · Mozilla+1 · Firefox Os+1
Published
2018-03-30
·
Updated
2019-10-03
·
CVE-2017-15859
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
Android for MSM versions prior to 2017-08-11
Firefox OS for MSM versions prior to 2017-08-11
QRD Android versions prior to 2017-08-11
Description:
A buffer overrun occurs when processing the QCA NL80211 VENDOR SUBCMD SET TXPOWER SCALE DECR DB vendor command. This happens because the attribute QCA WLAN VENDOR ATTR TXPOWER SCALE DECR DB contains fewer than 1 byte.
Recommendations:
For Android for MSM versions prior to 2017-08-11, update to a version released after 2017-08-11.
For Firefox OS for MSM versions prior to 2017-08-11, update to a version released after 2017-08-11.
For QRD Android versions prior to 2017-08-11, update to a version released after 2017-08-11.
Fix
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Android
Firefox Os