CVE-2017-14909

Name of the Vulnerable Software and Affected Versions Android for MSM versions (affected versions not specified) QRD Android versions (affected versions not specified) Firefox OS for MSM versions (affected versions not specified) All Android releases from CAF using the Linux kernel versions (affected versions not specified)

Description The issue arises due to insufficient validation of a count value read from a file. This could potentially allow a remote attacker to execute arbitrary code.

Recommendations For Android for MSM, consider implementing input validation for count values read from files until a patch is available. For QRD Android, restrict access to sensitive files to minimize the risk of exploitation. For Firefox OS for MSM, avoid using unvalidated count values from files in critical operations until the issue is resolved. For all Android releases from CAF using the Linux kernel, as a temporary workaround, consider disabling the use of count values from untrusted files. At the moment, there is no information about a newer version that contains a fix for this vulnerability.