CVE-2014-3100

Android 4.3 - Stack-Based Buffer Overflow in KeyStore Service via Long Key Name

Title source: llm
STIX 2.1

Description

Stack-based buffer overflow in the encode_key function in /system/bin/keystore in the KeyStore service in Android 4.3 allows attackers to execute arbitrary code, and consequently obtain sensitive key information or bypass intended restrictions on cryptographic operations, via a long key name.

References (5)

Core 5

Scores

EPSS 0.0176
EPSS Percentile 75.3%

Details

CWE
CWE-119
Status published
Products (1)
google/android 4.3
Published Jul 02, 2014
Tracked Since Feb 18, 2026