CVE-2017-14897

Name of the Vulnerable Software and Affected Versions Android for MSM (affected versions not specified) Firefox OS for MSM (affected versions not specified) QRD Android (affected versions not specified)

Description The issue arises when handling the QSEOS RPMB CHECK PROV STATUS COMMAND, where a userspace buffer is directly accessed in kernel space, potentially leading to security issues.

Recommendations For Android for MSM, consider restricting access to the QSEOS RPMB CHECK PROV STATUS COMMAND until a patch is available. For Firefox OS for MSM, avoid using the QSEOS RPMB CHECK PROV STATUS COMMAND in kernel space until the issue is resolved. For QRD Android, as a temporary workaround, consider disabling the direct access to userspace buffers in kernel space until a fix is provided. At the moment, there is no information about a newer version that contains a fix for this vulnerability.