CVE-2017-14914

Name of the Vulnerable Software and Affected Versions Android versions (affected versions not specified) Qualcomm Storage component in Android (affected versions not specified)

Description The issue is related to the handling of stale handles in the global client structure in Android for MSM, Firefox OS for MSM, and QRD Android, affecting all Android releases from CAF using the Linux kernel. Additionally, there is a vulnerability in the Qualcomm Storage component of the Android operating system, which is associated with the use of memory after it has been freed. This could allow a remote attacker to execute arbitrary code.

Recommendations For Android, update to a version that includes the fix for the stale handle issue in the global client structure. For Qualcomm Storage component, avoid using the vulnerable component until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.