Vulnerability Description
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper buffer length calculation in wma_roam_scan_filter() leads to buffer overflow.
CVSS Score
7.8
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Android | - |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/103254Third Party AdvisoryVDB Entry
- https://source.android.com/security/bulletin/2018-03-01Vendor Advisory
- https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcaclPatchThird Party Advisory
- http://www.securityfocus.com/bid/103254Third Party AdvisoryVDB Entry
- https://source.android.com/security/bulletin/2018-03-01Vendor Advisory
- https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcaclPatchThird Party Advisory
FAQ
What is CVE-2017-18068?
CVE-2017-18068 is a vulnerability with a CVSS score of 7.8 (HIGH). In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper buffer length calculation in wma_roam_scan_filter() leads to buffer overflow.
How severe is CVE-2017-18068?
CVE-2017-18068 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-18068?
Check the references section above for vendor advisories and patch information. Affected products include: Google Android.