Out-of-Bounds Write Vulnerability in WLAN HOST via WMA Interfaces in Android Releases

Out-of-Bounds Write Vulnerability in WLAN HOST via WMA Interfaces in Android Releases

CVE-2018-11903 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of length validation check for value received from caller function used as an array index for WMA interfaces can lead to OOB write in WLAN HOST.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.