Buffer Over-read Vulnerability in Android Display due to Lack of Upper-Bound Validation
CVE-2017-11093 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, buffer Over-read in Display due to the lack of an upper-bound validation when reading "num_of_cea_blocks" from the untrusted source (EDID), kernel memory can be exposed.
Learn more about our Cis Benchmark Audit For Distribution Independent Linux.