Integer Overflow and Buffer Overflow Vulnerability in Qualcomm Android Products with CAF and Linux Kernel
CVE-2017-15862 · HIGH Severity
AV:L/AC:L/AU:N/C:C/I:C/A:C
In all Qualcomm products with Android releases from CAF using the Linux kernel, in wma_unified_link_radio_stats_event_handler(), the number of radio channels coming from firmware is not properly validated, potentially leading to an integer overflow vulnerability followed by a buffer overflow.
Learn more about our Cis Benchmark Audit For Distribution Independent Linux.