Buffer Overwrite Vulnerability in Android Releases from CAF

Buffer Overwrite Vulnerability in Android Releases from CAF

CVE-2018-11863 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check of input received from firmware to calculate the length of WMA roam synch buffer can lead to buffer overwrite during memcpy.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.