Uninitialized Heap Memory Flashing Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases

Uninitialized Heap Memory Flashing Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases

CVE-2017-11079 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing sparse image, uninitialized heap memory can potentially be flashed due to the lack of validation of sparse image block header size.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.