CVE-2017-6211

Name of the Vulnerable Software and Affected Versions Android for MSM versions (affected versions not specified) QRD Android versions (affected versions not specified) Firefox OS for MSM versions (affected versions not specified) All Android releases from CAF using the Linux kernel versions (affected versions not specified)

Description A buffer overflow can occur in the processing of a downlink supplementary services message. The issue is related to the Qualcomm Multimode Core Protocol (MMCP) component in the Android operating system. Exploitation of the issue may allow a remote attacker to cause a buffer overflow.

Recommendations For Android for MSM, consider restricting the processing of downlink supplementary services messages until a fix is available. For QRD Android, temporarily disable the MMCP component to minimize the risk of exploitation. For Firefox OS for MSM, avoid using the vulnerable MMCP component in the processing of supplementary services messages. For all Android releases from CAF using the Linux kernel, restrict access to the vulnerable component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.