The length of attribute value for STA_EXT_CAPABILITY in __wlan_hdd_change_station in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-06 being less than the actual lenth of StaParams.extn_capability results in a read for extra bytes when a memcpy is done from params->ext_capab to StaParams.extn_capability using the sizeof(StaParams.extn_capability).
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: qualcomm
Published: 2018-03-30T21:00:00Z
Updated: 2024-09-17T00:56:04.935Z
Reserved: 2017-06-15T00:00:00
Link: CVE-2017-9693
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2018-03-30T21:29:01.497
Modified: 2018-04-25T18:24:17.950
Link: CVE-2017-9693
Redhat
No data.