Arbitrary Memory Access Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android

Arbitrary Memory Access Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android

CVE-2017-9698 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improperly specified offset/size values for a submission command could cause a math operation to overflow and could result in an access to arbitrary memory. The combined pointer will overflow and possibly pass further checks intended to avoid accessing unintended memory.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.