Vulnerability Details CVE-2017-15835
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, While processing the RIC Data Descriptor IE in an artificially crafted 802.11 frame with IE length more than 255, an infinite loop may potentially occur resulting in a denial of service.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 9.8%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 3.3
References
- https://source.android.com/security/bulletin/pixel/2018-11-01#qualcomm-components
- https://www.codeaurora.org/security-bulletin/2018/05/11/may-2018-code-aurora-security-bulletin-2
- https://source.android.com/security/bulletin/pixel/2018-11-01#qualcomm-components
- https://www.codeaurora.org/security-bulletin/2018/05/11/may-2018-code-aurora-security-bulletin-2