CVE-2017-0577

Name of the Vulnerable Software and Affected Versions Android versions prior to Kernel-3.18

Description The issue is related to an elevation of privilege vulnerability in the HTC touchscreen driver, which could allow a local malicious application to execute arbitrary code within the context of the kernel. This is rated as High because it first requires compromising a privileged process. The vulnerability is also associated with insufficient access control in the HTC touchscreen driver, potentially allowing a remote attacker to execute arbitrary code in the context of the kernel using a special application.

Recommendations For Android versions prior to Kernel-3.18, update to a version that includes the fix for this issue to prevent potential exploitation. As a temporary workaround, consider restricting access to the HTC touchscreen driver until a patch is available.