Arbitrary Address Execution Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android

Arbitrary Address Execution Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android

CVE-2017-14889 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, due to the lack of a range check on the array index into the WMI descriptor pool, arbitrary address execution may potentially occur in the process mgmt completion handler.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.