Integer Underflow Vulnerability in csr_update_fils_params_rso() Function
CVE-2018-5850 · HIGH Severity
AV:N/AC:M/AU:N/C:C/I:C/A:C
In the function csr_update_fils_params_rso(), insufficient validation on a key length can result in an integer underflow leading to a buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
Learn more about our Cis Benchmark Audit For Distribution Independent Linux.