CVE-2017-17766

Name of the Vulnerable Software and Affected Versions: Android for MSM versions prior to 2017-10-03 Firefox OS for MSM versions prior to 2017-10-03 QRD Android versions prior to 2017-10-03

Description: The issue arises from improper validation of the num peers value received from firmware in the wma peer info event handler() function. This can lead to an integer overflow vulnerability when allocating a buffer, potentially resulting in a buffer overflow.

Recommendations: For Android for MSM versions prior to 2017-10-03, update to a version released after 2017-10-03 to resolve the issue. For Firefox OS for MSM versions prior to 2017-10-03, update to a version released after 2017-10-03 to resolve the issue. For QRD Android versions prior to 2017-10-03, update to a version released after 2017-10-03 to resolve the issue.