CVE-2017-18052

Name of the Vulnerable Software and Affected Versions: Android for MSM versions (affected versions not specified) Firefox OS for MSM versions (affected versions not specified) QRD Android versions (affected versions not specified)

Description: The issue arises from improper input validation in the wma mgmt tx bundle completion handler() function for parameters such as cmpl params->num reports, param buf->desc ids, and param buf->status, which are received from firmware. This can lead to a potential out of bounds memory read.

Recommendations: For Android for MSM, ensure proper validation of cmpl params->num reports, param buf->desc ids, and param buf->status in the wma mgmt tx bundle completion handler() function to prevent out of bounds memory access. For Firefox OS for MSM, consider implementing input validation for the aforementioned parameters in the wma mgmt tx bundle completion handler() function. For QRD Android, restrict access to the wma mgmt tx bundle completion handler() function until proper input validation for cmpl params->num reports, param buf->desc ids, and param buf->status is implemented.