Integer Overflow Vulnerability in Android Keystore Access

Integer Overflow Vulnerability in Android Keystore Access

CVE-2017-15828 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while accessing the keystore in LK, an integer overflow vulnerability exists which may potentially lead to a buffer overflow.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.