Out of memory and out of bounds vulnerability while handling netlink messages (CVE-2017-0460)

Release Date: May 1, 2017
Advisory ID: QCIR-2017-00031-1
Summary: 

The following security vulnerabilities have been identified:

 
CVE-2017-0460

While receiving netlink messages from userspace, an out-of-memory condition could occur if the incoming netlink message has its pid field set to 0. Similarly, an out-of-bounds access could occur while receiving netlink messages from userspace, because the boundaries of the incoming data were not properly checked.

Access Vector: Local
Security Risk: Medium
Vulnerability: CWE-20 Improper Input Validation
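
An added example, not code from this advisory or from the affected driver: a minimal C check for the two conditions described above, a netlink header whose pid field is 0 and a declared length that does not fit the data actually received. The names `nl_hdr`, `nl_validate` and `nl_build` and the sample bytes are constructed for illustration, and rejecting pid 0 outright is an assumed policy.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Same layout as struct nlmsghdr in <linux/netlink.h>; redefined so this builds anywhere. */
struct nl_hdr {
    uint32_t len;    /* total message length, header included */
    uint16_t type;
    uint16_t flags;
    uint32_t seq;
    uint32_t pid;    /* sender port id */
};

enum nl_check { NL_OK = 0, NL_SHORT = -1, NL_BAD_LEN = -2, NL_BAD_PID = -3, NL_BAD_PAYLOAD = -4 };

/* Validate one netlink message received from userspace (hypothetical helper).
 * buf/buf_len: bytes actually received; want_payload: bytes the handler will read.
 * On success *payload points at the payload inside buf. */
static enum nl_check nl_validate(const uint8_t *buf, size_t buf_len,
                                 size_t want_payload, const uint8_t **payload)
{
    struct nl_hdr h;

    if (buf == NULL || buf_len < sizeof(h))
        return NL_SHORT;                 /* not even a complete header */
    memcpy(&h, buf, sizeof(h));          /* copy out: buf may be unaligned */

    if (h.len < sizeof(h) || h.len > buf_len)
        return NL_BAD_LEN;               /* declared length falls outside the buffer */
    if (h.pid == 0)
        return NL_BAD_PID;               /* the pid condition named in the advisory */
    if (h.len - sizeof(h) < want_payload)
        return NL_BAD_PAYLOAD;           /* handler would read past the message */

    *payload = buf + sizeof(h);
    return NL_OK;
}

/* Constructed sample input: a header followed by n payload bytes, written to out. */
static size_t nl_build(uint8_t *out, uint32_t declared_len, uint32_t pid, size_t n)
{
    struct nl_hdr h = { declared_len, 0x10, 0, 1, pid };
    memcpy(out, &h, sizeof(h));
    memset(out + sizeof(h), 0xAB, n);
    return sizeof(h) + n;
}
```
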

Affected Versions:
All Android releases from CAF using the Linux kernel.

Acknowledgement: 

This issue was reported to Google by an external security researcher. Qualcomm Innovation Center, Inc. (QuIC) thanks Google for bringing this issue to QuIC's attention.

Revisions: 

Initial revision

Contact: security-advisory@quicinc.com