CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2017-15859

While processing the QCA_NL80211_VENDOR_SUBCMD_SET_TXPOWER_SCALE_DECR_DB vendor command, in which attribute QCA_WLAN_VENDOR_ATTR_TXPOWER_SCALE_DECR_DB contains fewer than 1 byte, in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-08-11 a buffer overrun occurs.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 32.7%

CVSS Severity

CVSS v3 Score 7.5

CVSS v2 Score 5.0

References

https://source.android.com/security/bulletin/pixel/2018-02-01
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=88dcc44ea8fbe158d1dee3ea197e47794bf4449d
https://source.android.com/security/bulletin/pixel/2018-02-01
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=88dcc44ea8fbe158d1dee3ea197e47794bf4449d

Products affected by CVE-2017-15859

Google » Android » Version: N/A

cpe:2.3:o:google:android:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2017-15859

Products

Pricing

Contact Us