Buffer Overflow Vulnerability in __wlan_hdd_change_station in Android, Firefox OS, and QRD Android before 2017-06-06

Buffer Overflow Vulnerability in __wlan_hdd_change_station in Android, Firefox OS, and QRD Android before 2017-06-06

CVE-2017-9693 · LOW Severity

AV:L/AC:L/AU:N/C:P/I:N/A:N

The length of attribute value for STA_EXT_CAPABILITY in __wlan_hdd_change_station in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-06 being less than the actual lenth of StaParams.extn_capability results in a read for extra bytes when a memcpy is done from params->ext_capab to StaParams.extn_capability using the sizeof(StaParams.extn_capability).

Learn more about our Cis Benchmark Audit For Google Android.