Vulnerability Details : CVE-2017-9693
The length of attribute value for STA_EXT_CAPABILITY in __wlan_hdd_change_station in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-06 being less than the actual lenth of StaParams.extn_capability results in a read for extra bytes when a memcpy is done from params->ext_capab to StaParams.extn_capability using the sizeof(StaParams.extn_capability).
Vulnerability category: Overflow
Products affected by CVE-2017-9693
- cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2017-9693
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 11 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2017-9693
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
2.1
|
LOW | AV:L/AC:L/Au:N/C:P/I:N/A:N |
3.9
|
2.9
|
NIST | |
|
5.5
|
MEDIUM | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
1.8
|
3.6
|
NIST |
CWE ids for CVE-2017-9693
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2017-9693
-
https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=05a5abb21e4d97001f77d344444a3ec2f9c275f9
platform/vendor/qcom-opensource/wlan/qcacld-2.0 - Unnamed repositoryPatch;Third Party Advisory
-
https://www.codeaurora.org/security-bulletin/2017/10/20/october-2017-v1
October 2017 Code Aurora Security Bulletin - Code AuroraThird Party Advisory
-
http://www.securityfocus.com/bid/100210
Google Android Drivers Multiple Security VulnerabilitiesThird Party Advisory;VDB Entry
Jump to