Buffer Overflow Vulnerability in Android's WPA RSN IE Length Handling

Buffer Overflow Vulnerability in Android's WPA RSN IE Length Handling

CVE-2018-5863 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

If userspace provides a too-large WPA RSN IE length in wlan_hdd_cfg80211_set_ie(), a buffer overflow occurs in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.