CVE-2017-18057

Name of the Vulnerable Software and Affected Versions: Android for MSM versions (affected versions not specified) Firefox OS for MSM versions (affected versions not specified) QRD Android versions (affected versions not specified)

Description: The issue is related to improper input validation for vdev id in the wma nlo scan cmp evt handler() function, which receives input from firmware. This can lead to a potential out of bounds memory read.

Recommendations: For Android for MSM, ensure proper validation of vdev id in the wma nlo scan cmp evt handler() function to prevent out of bounds memory read. For Firefox OS for MSM, restrict access to the wma nlo scan cmp evt handler() function until a proper fix is applied. For QRD Android, consider disabling the wma nlo scan cmp evt handler() function as a temporary workaround until a patch is available.