CVE-2017-14870

Name of the Vulnerable Software and Affected Versions: Android for MSM (affected versions not specified) Firefox OS for MSM (affected versions not specified) QRD Android (affected versions not specified)

Description: The issue is related to a potential memory leak of 1088 bytes of stack memory when updating the recovery message for eMMC devices in Android for MSM, Firefox OS for MSM, and QRD Android, which use the Linux kernel.

Recommendations: For Android for MSM, consider applying configuration changes to minimize the risk of memory leak exploitation until a fix is available. For Firefox OS for MSM, restrict access to sensitive operations involving eMMC devices to minimize the risk of exploitation. For QRD Android, as a temporary workaround, consider disabling the recovery message update feature for eMMC devices until a patch is available.