Out-of-bounds Array Access Vulnerability in Samsung Galaxy S6 Wi-Fi Driver

Out-of-bounds Array Access Vulnerability in Samsung Galaxy S6 Wi-Fi Driver

CVE-2018-14852 · MEDIUM Severity

AV:A/AC:L/AU:N/C:P/I:P/A:P

Out-of-bounds array access in dhd_rx_frame in drivers/net/wireless/bcmdhd4358/dhd_linux.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to cause invalid accesses to operating system memory due to improper validation of the network interface index provided by the Wi-Fi chip's firmware.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.