PT-2018-6025 · Qualcomm+2 · Qualcomm Products+2
Published
2018-02-23
·
Updated
2018-03-12
·
CVE-2017-15862
CVSS v2.0
7.2
High
| Vector | AV:L/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
Qualcomm products with Android releases from CAF using the Linux kernel (affected versions not specified)
Description:
The issue arises from improper validation of the number of radio channels coming from firmware in the
wma unified link radio stats event handler() function, potentially leading to an integer overflow followed by a buffer overflow.Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Integer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Android
Linux Kernel
Qualcomm Products