Invalid Input in WLAN Cal Data Store Operation Can Lead to Memory Leak or Buffer Overflow

Invalid Input in WLAN Cal Data Store Operation Can Lead to Memory Leak or Buffer Overflow

CVE-2017-15845 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, an invalid input of firmware size (negative value) from user space can potentially lead to the memory leak or buffer overflow during the WLAN cal data store operation.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.