Improper Conditional Logic in WLAN Handler Allows Access to Only 3 Access Categories

Improper Conditional Logic in WLAN Handler Allows Access to Only 3 Access Categories

CVE-2018-11294 · MEDIUM Severity

AV:A/AC:L/AU:N/C:P/I:P/A:P

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, WLAN handler indication from the firmware gets the information for 4 access categories. While processing this information only the first 3 AC information is copied due to the improper conditional logic used to compare with the max number of categories.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.