Out of Bounds Write Vulnerability in nfc_hci_cmd_received() Function of Android Kernel
CVE-2017-13293 · HIGH Severity
AV:L/AC:L/AU:N/C:C/I:C/A:C
In the nfc_hci_cmd_received() function of core.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-62679701.
Learn more about our Cis Benchmark Audit For Google Android.