In multiple methods, there is a possible out of bounds read due to a missing bounds check during initial processing of a beacon packet. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
{ "vanir_signatures": [ { "digest": { "threshold": 0.9, "line_hashes": [ "109400056363292549430882148772746172488", "217080468234869487262905709307557665599", "8485399465318163994148678975449232462", "59514824455466417779846224586143123724", "270222282544671940919598724504062919554", "247201124301955786507592967573088092127", "8902386593177260905870327013606505603", "179254702865980486785999712459064881008" ] }, "id": "ASB-A-145728612-bc68c006", "source": "https://android.googlesource.com/kernel/common/+/f88eb7c0d002", "deprecated": false, "signature_version": "v1", "target": { "file": "net/wireless/nl80211.c" }, "signature_type": "Line" } ], "fixes": [ "https://android.googlesource.com/kernel/common/+/f88eb7c0d002" ], "spl": "2020-08-05", "severity": "High", "types": [ "ID" ] }