Unprotected Access to Global Variable in Qualcomm Android and Firefox OS
CVE-2017-14880 · MEDIUM Severity
AV:L/AC:L/AU:N/C:P/I:P/A:P
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, while IPA WAN-driver is processing multiple requests from modem/user-space module, the global variable "num_q6_rule" does not have a mutex lock and thus can be accessed and modified by multiple threads.
Learn more about our Cis Benchmark Audit For Distribution Independent Linux.