PT-2018-8526 · Mozilla+1 · Firefox Os+1
Published
2018-03-30
·
Updated
2018-04-25
·
CVE-2017-9693
CVSS v2.0
2.1
Low
| Vector | AV:L/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Android for MSM versions prior to 2017-06-06
Firefox OS for MSM versions prior to 2017-06-06
QRD Android versions prior to 2017-06-06
Description
The issue arises when the length of the attribute value for
STA EXT CAPABILITY in the wlan hdd change station function is less than the actual length of StaParams.extn capability. This discrepancy results in a read for extra bytes when a memcpy is done from params->ext capab to StaParams.extn capability using the sizeof(StaParams.extn capability).Recommendations
For Android for MSM versions prior to 2017-06-06, update to a version released after 2017-06-06 to resolve the issue.
For Firefox OS for MSM versions prior to 2017-06-06, update to a version released after 2017-06-06 to resolve the issue.
For QRD Android versions prior to 2017-06-06, update to a version released after 2017-06-06 to resolve the issue.
Fix
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Android
Firefox Os