exploitDog

CVE-2017-18061

Опубликовано: 16 мар. 2018

Источник: nvd

CVSS3: 7.8

CVSS2: 4.6

EPSS Низкий

Описание

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, potential buffer overflow can happen when processing AOA measurement event from WIGIG firmware in wil_aoa_evt_meas().

Ссылки

https://source.android.com/security/bulletin/pixel/2018-03-01
Vendor Advisory
https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=b65cf2a007e88fe86dbd6d3269682fc585a4130f
Patch
Third Party Advisory
https://source.android.com/security/bulletin/pixel/2018-03-01
Vendor Advisory
https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=b65cf2a007e88fe86dbd6d3269682fc585a4130f
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:google:android:-:*:*:*:*:*:*:*

EPSS

Процентиль: 3%

0.00017

Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-119

Связанные уязвимости

GHSA-8j55-gp4h-52hj

CVSS3: 7.8

github

больше 3 лет назад

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, potential buffer overflow can happen when processing AOA measurement event from WIGIG firmware in wil_aoa_evt_meas().

EPSS

Процентиль: 3%

0.00017

Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-119