Buffer Over-read Vulnerability in Android Display due to Lack of Upper-Bound Validation

Buffer Over-read Vulnerability in Android Display due to Lack of Upper-Bound Validation

CVE-2017-11093 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, buffer Over-read in Display due to the lack of an upper-bound validation when reading "num_of_cea_blocks" from the untrusted source (EDID), kernel memory can be exposed.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.