Vulnerability Details CVE-2017-18053
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for fix_param->vdev_id in wma_p2p_lo_event_handler(), which is received from firmware, leads to potential out of bounds memory read.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 32.2%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- https://source.android.com/security/bulletin/pixel/2018-03-01
- https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=da1c6e996ac7635c202296e31118f088f9427947
- https://source.android.com/security/bulletin/pixel/2018-03-01
- https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=da1c6e996ac7635c202296e31118f088f9427947