Buffer Overread Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases

CVE-2017-11064 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed during processing of ACA_NL80211_VENDOR_SUBCMD_EXTSCAN_PNO_SET_PASSPOINT_LIST and QCA_NL80211_VENDOR_SUBCMD_EXTSCAN_PNO_SET_LIST cfg80211 vendor commands in __wlan_hdd_cfg80211_set_passpoint_list and hdd_extscan_passpoint_fill_network_list function respectively. Android ID: A-36815952. References: QC-CR#2054770, QC-CR#2058447, QC-CR#2066628, QC-CR#2087785

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.