CVE-2014-9880

Name of the Vulnerable Software and Affected Versions Android versions prior to 2016-08-05

Description The issue is related to the lack of validation of VEN IOCTL GET SEQUENCE HDR ioctl calls in the drivers/video/msm/vidc/common/enc/venc.c file of the Qualcomm components in Android. This allows attackers to gain privileges via a crafted application.

Recommendations For Android versions prior to 2016-08-05, update the system to a version released after 2016-08-05 to resolve the issue. As a temporary workaround, consider restricting the use of the vulnerable ioctl calls until a patch is available.