The following security vulnerabilities have been identified:
User can give number of operation classes more than 32 through HDD change station command. This will result in stack overflow during memcopy as the max number of supported channels is 32.
Access Vector: Local
Security Risk: Medium
Vulnerability: CWE-120 Buffer Copy Without Checking Size of Input (‘Classic Buffer Overflow’)
All Android releases from CAF using the Linux kernel.
We advise customers to apply the following patches:
This issue was reported to Google by an external security researcher. Qualcomm Innovation Center, Inc. (QuIC) thanks Google for bringing this issue to QuIC's attention.