Array Out of Bounds Access in Android CAF Releases Prior to 2018-06-05

Array Out of Bounds Access in Android CAF Releases Prior to 2018-06-05

CVE-2017-18159 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

In Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, while processing a StrHwPlatform with length smaller than EFICHIPINFO_MAX_ID_LENGTH, an array out of bounds access may occur.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.