CVE-2017-15854
CVE-2017-15854
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS —EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
12 jun 2018Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
The value of fix_param->num_chans is received from firmware and if it is too large, an integer overflow can occur in wma_radio_chan_stats_event_handler() for the derived length len leading to a subsequent buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
Productos afectados
Qualcomm, Inc. · Android for MSM, Firefox OS for MSM, QRD Android