Out of Bounds Write Vulnerability in nfc_hci_cmd_received() Function of Android Kernel

Out of Bounds Write Vulnerability in nfc_hci_cmd_received() Function of Android Kernel

CVE-2017-13293 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

In the nfc_hci_cmd_received() function of core.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-62679701.

Learn more about our Cis Benchmark Audit For Google Android.