Out-of-Bounds Access Vulnerability in Qualcomm Android Releases with CAF

Out-of-Bounds Access Vulnerability in Qualcomm Android Releases with CAF

CVE-2017-10996 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:N/A:N

In all Qualcomm products with Android releases from CAF using the Linux kernel, out of bounds access is possible in c_show(), due to compat_hwcap_str[] not being NULL-terminated. This error is not fatal, however the device might crash/reboot with memory violation/out of bounds access.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.