CVE-2017-18054 Information
Feb 14, 2021
cve
Description
In Android for MSM Firefox OS for MSM QRD Android with all Android releases from CAF using the Linux kernel improper input validation for num_vdev_mac_entries in wma_pdev_hw_mode_transition_evt_handler() which is received from firmware leads to potential buffer overflow.
CVSS Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Reference
https://source.android.com/security/bulletin/pixel/2018-03-01 https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=6eefc756612e39fab49ff719b3dc9b94def53396
Attack Complexity
LOW
Privileges Required
LOW
User Interaction Required
LOW
Scope
NONE
Confidentiality Impact
UNCHANGED
Integrity Impact
HIGH
Availability Impact
HIGH
Base Score
HIGH
Base Severity
7.8
Share on: