Vulnerability Details CVE-2017-18063
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for nlo_event in wma_nlo_match_evt_handler(), which is received from firmware, leads to potential out of bound memory access.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 6.0%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 7.2
References
- http://www.securityfocus.com/bid/103254
- https://source.android.com/security/bulletin/2018-03-01
- https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=b9c0beac8f021f774f39df54e1f96fd87c2660f0
- http://www.securityfocus.com/bid/103254
- https://source.android.com/security/bulletin/2018-03-01
- https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=b9c0beac8f021f774f39df54e1f96fd87c2660f0