CVE-2017-15837

MEDIUM

Qualcomm Android for MSM - Out-of-bounds Read in nla_get_u32()

Title source: llm
STIX 2.1

Description

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, a policy for the packet pattern attribute NL80211_PKTPAT_OFFSET is not defined which can lead to a buffer over-read in nla_get_u32().

References (1)

Core 1
Core References

Scores

CVSS v3 5.3
EPSS 0.0036
EPSS Percentile 28.3%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

CWE
CWE-125
Status published
Products (1)
google/android
Published Apr 03, 2018
Tracked Since Feb 18, 2026