Memory overflow in wifi driver function hdd_extscan_epno_fill_network_list (CVE-2016-8419)

Release Date:

February 14, 2017

Affected Projects:

Android for MSMFirefox OS for MSMQRD Android

Advisory ID:

QCIR-2017-00009-1

CVE ID(s):

CVE-2016-8419

Summary:

The following security vulnerabilities have been identified: CVE-2016-8419 Currently there is a single wlan_hdd_extscan_config_policy which contains entries for both EXTSCAN and PNO attributes. However the EXTSCAN and PNO attributes have separate and overlapping assignments. Therefore one policy cannot be used by both types of commands. In addition, when parsing nested PNO attributes the policy is not used, and hence no checking is performed on the nested data. This can result in a buffer overflow.

Access Vector: Local
Security Risk: Medium
Access Vector: Local

Affected Versions:

All Android releases from CAF using the Linux kernel.

Patch:

We advise customers to apply the following patches:

Individual Patches

Acknowledgement:

This issue was reported to Google by an external security researcher. Qualcomm Innovation Center, Inc. (QuIC) thanks Google for bringing this issue to QuIC's attention.

Revisions:

Initial

Contact:

security-advisory@quicinc.com