PT-2017-3024 · Qualcomm+2 · Qrd Android+2

Published: 2017-04-21 · Updated: 2017-10-19 · CVE-2017-9683

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

Android for MSM versions (affected versions not specified)
Firefox OS for MSM versions (affected versions not specified)
QRD Android versions (affected versions not specified)

Description

The issue is related to an integer overflow that can occur when flashing a meta image, specifically if user-defined image offset and size values are too large. This is due to the lack of checking for image size and offset. The exploitation of this issue could allow a local attacker to cause an integer overflow.

Recommendations

For Android for MSM, consider restricting the use of large user-defined image offset and size values until a fix is available.
For Firefox OS for MSM, avoid using large image sizes and offsets when flashing meta images to minimize the risk of exploitation.
For QRD Android, as a temporary workaround, consider implementing checks for image size and offset to prevent integer overflows until a patch is available.

At the moment, there is no information about a newer version that contains a fix for this vulnerability.
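The kind of size and offset check the recommendations call for, shown as an added example that is not the vendor's code. The `img_entry` structure, the function names and the sample values are hypothetical and constructed for illustration; 32-bit offset and size fields are an assumption.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical meta image entry: both fields are read from the
 * user-supplied image header and are therefore untrusted. */
struct img_entry {
    uint32_t offset; /* start of the sub-image inside the received buffer */
    uint32_t size;   /* length of the sub-image in bytes */
};

/* Flawed form: the sum is computed in 32 bits and wraps for large
 * values, so an out-of-range entry can pass the comparison. */
static bool entry_in_bounds_naive(const struct img_entry *e, uint32_t buf_len)
{
    return (uint32_t)(e->offset + e->size) <= buf_len;
}

/* Checked form: compare by subtraction only after proving that
 * offset <= buf_len, so no intermediate value can wrap. */
static bool entry_in_bounds_checked(const struct img_entry *e, uint32_t buf_len)
{
    if (e->offset > buf_len)
        return false;
    return e->size <= buf_len - e->offset;
}

/* Reject the whole meta image if any entry falls outside the buffer. */
static bool meta_entries_valid(const struct img_entry *entries, size_t count,
                               uint32_t buf_len)
{
    for (size_t i = 0; i < count; i++) {
        if (!entry_in_bounds_checked(&entries[i], buf_len))
            return false;
    }
    return true;
}

int main(void)
{
    /* Constructed sample: 1 MiB buffer, offset and size chosen to wrap. */
    const struct img_entry bad = { 0xFFFFF000u, 0x2000u };
    printf("naive=%d checked=%d\n",
           entry_in_bounds_naive(&bad, 0x100000u),
           entry_in_bounds_checked(&bad, 0x100000u));
    return 0;
}
```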

Integer Overflow


Weakness Enumeration

Related identifiers

BDU:2017-02384
CVE-2017-9683

Affected products

Android
Firefox OS
QRD Android