CVE-2014-9890

Name of the Vulnerable Software and Affected Versions Android versions prior to 2016-08-05

Description The issue is related to an off-by-one error in the msm cci.c file, which is part of the Qualcomm components in the Android operating system. This error can be exploited by a remote attacker using a specially crafted application that sends an I2C command, potentially allowing the attacker to gain privileges.

Recommendations For Android versions prior to 2016-08-05, update the operating system to a version released after 2016-08-05 to resolve the issue. As a temporary workaround, consider restricting access to the msm cci.c file or disabling the I2C command functionality until a patch is available.