CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-11060

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed during processing of ACA_NL80211_VENDOR_SUBCMD_EXTSCAN_PNO_SET_PASSPOINT_LIST and QCA_NL80211_VENDOR_SUBCMD_EXTSCAN_PNO_SET_LIST cfg80211 vendor commands in __wlan_hdd_cfg80211_set_passpoint_list and hdd_extscan_passpoint_fill_network_list function respectively. Android ID: A-36817548. References: QC-CR#2058447, QC-CR#2054770.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 30.2%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

http://www.securityfocus.com/bid/101160
https://source.android.com/security/bulletin/pixel/2017-10-01
http://www.securityfocus.com/bid/101160
https://source.android.com/security/bulletin/pixel/2017-10-01

Products affected by CVE-2017-11060

Google » Android » Version: 8.0

cpe:2.3:o:google:android:8.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-11060

Products

Pricing

Contact Us