CVE-2017-9677

Name of the Vulnerable Software and Affected Versions Qualcomm products with Android releases from CAF using the Linux kernel (affected versions not specified)

Description The issue arises from the function msm compr ioctl shared, where the variable ddp->params length can be accessed and modified by multiple threads without proper lock protection, leading to potential race conditions. If one thread is executing while another thread is setting data, it may cause a buffer overflow if ddp->params length is set to a large number.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.