-
- Downloads
qcacld-2.0: Fix buffer overflow in WLANSAP_Set_WPARSNIes()
Currently In WLANSAP_Set_WPARSNIes() the parameter WPARSNIEsLen is user-controllable and never validates which uses as the length for a memory copy. This enables user-space applications to corrupt heap memory and potentially crash the kernel. Fix is to validate the WPARSNIes length to its max before use as the length for a memory copy. References: CVE-2017-6424 Change-Id: I7aff731aeae22bfd84beb955439a799abef37f68 CRs-Fixed: 1102648
Please register or sign in to comment