GHSA-pwg3-f8g7-h57r
GitHub Security Advisory
⚠ Unreviewed
CRITICAL
Has CVE
Advisory Details
a function called 'nla_parse', do not check the len of para, it will check nla_type (which can be controlled by userspace) with 'maxtype' (in this case, it is GSCAN_MAX), then it access polciy array 'policy[type]', which OOB access happens.Product: AndroidVersions: Android SoCAndroid ID: A-238379819
Related CVEs
Key Information
9.0
/10
Dataset
Last updated: July 30, 2025 6:36 AM
Data from GitHub Advisory Database. This information is provided for research and educational purposes.