CVE-2017-15817

Summary

In all Qualcomm products with Android releases from CAF using the Linux kernel, when an access point sends a challenge text greater than 128 bytes, the host driver is unable to validate this potentially leading to authentication failure.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.Android for MSM, Firefox OS for MSM, QRD AndroidAll Android releases from CAF using the Linux kernelaffected

Weaknesses

  • Stack-based Buffer Overflow in WLAN

ADP Enrichment

CVE Program Container

Additional References

References