Android CAF Linux Kernel Voice SVC Request Out of Bounds Memory Copy Vulnerability

Android CAF Linux Kernel Voice SVC Request Out of Bounds Memory Copy Vulnerability

CVE-2017-8245 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

In all Android releases from CAF using the Linux kernel, while processing a voice SVC request which is nonstandard by specifying a payload size that will overflow its own declared size, an out of bounds memory copy occurs.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.