Buffer Overflow and Information Leak Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases
CVE-2017-11035 · MEDIUM Severity
AV:L/AC:L/AU:N/C:P/I:P/A:P
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, possible buffer overflow or information leak in the functions "sme_set_ft_ies" and "csr_roam_issue_ft_preauth_req" due to incorrect initialization of WEXT callbacks and lack of the checks for buffer size.
Learn more about our Cis Benchmark Audit For Distribution Independent Linux.