CVE-2017-14894
CVE-2017-14894
Vexday Risk Score
3Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS —EPSS 0.3%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
03 abr 2018Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in wma_vdev_start_resp_handler(), vdev id is received from firmware as part of WMI_VDEV_START_RESP_EVENTID. This vdev id can be greater than max bssid stored in wma handle and this would result in buffer overwrite while accessing wma_handle->interfaces[vdev_id].
Produtos afetados
Qualcomm, Inc. · Android for MSM, Firefox OS for MSM, QRD AndroidQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →