PT-2017-2805 · Qualcomm+2 · Qualcomm Products+2
Publicado
2017-04-25
·
Atualizado
2017-08-22
·
CVE-2017-8267
CVSS v2.0
7.6
Alta
| Vetor | AV:N/AC:H/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Android versions (affected versions not specified)
Qualcomm products with Android releases from CAF using the Linux kernel (affected versions not specified)
Description
The issue is caused by a race condition in an IOCTL handler due to synchronization errors when using a shared resource. This can lead to an integer overflow and an out-of-bounds write. A remote attacker may exploit this issue.
Recommendations
For Android, update to a version that includes a fix for this issue, if available.
For Qualcomm products with Android releases from CAF using the Linux kernel, apply the necessary patches or updates to resolve the issue, if available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Integer Overflow
Race Condition
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Android
Linux Kernel
Qualcomm Products