Integer Overflow Leading to Buffer Overflow in FILS Connection Request Processing

Integer Overflow Leading to Buffer Overflow in FILS Connection Request Processing

CVE-2018-11260 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing a fast Initial link setup (FILS) connection request, integer overflow may lead to a buffer overflow when the key length is zero.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.