Vulnerability Details CVE-2017-15823
In spectral_create_samp_msg() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-11, some values from firmware are not properly validated potentially leading to a buffer overflow.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 2.6%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 4.6
References
- https://source.android.com/security/bulletin/pixel/2018-02-01
- https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=49c1ce19c8a4689c33e6e8f17ab77d77fae6ff93
- https://source.android.com/security/bulletin/pixel/2018-02-01
- https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=49c1ce19c8a4689c33e6e8f17ab77d77fae6ff93