QwikSec

Security Database

CVE

CWE

Training

CVE-2017-14882

Published: Mar 15, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing VENDOR specific action frame in the function lim_process_action_vendor_specific(), a comparison is performed with the incoming action frame body without validating if the action frame body received is of valid length, potentially leading to an out-of-bounds access.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://source.android.com/security/bulletin/2018-03-01

x_refsource_CONFIRM

https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=cd10091f03f6255a47d7146eea5738f1f4ceea35

x_refsource_MISC

vdb-entry

x_refsource_BID

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.