Uninitialized Structure Vulnerability in Qualcomm Android Products with CAF and Linux Kernel

Uninitialized Structure Vulnerability in Qualcomm Android Products with CAF and Linux Kernel

CVE-2017-9680 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

In all Qualcomm products with Android releases from CAF using the Linux kernel, if a pointer argument coming from userspace is invalid, a driver may use an uninitialized structure to log an error message.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.