CVE-2017-18059

Name of the Vulnerable Software and Affected Versions: Android for MSM versions (affected versions not specified) Firefox OS for MSM versions (affected versions not specified) QRD Android versions (affected versions not specified)

Description: The issue is related to improper input validation for vdev id in the wma scan event callback() function, which receives input from firmware. This can lead to a potential out of bounds memory read.

Recommendations: For Android for MSM, ensure proper validation of the vdev id in the wma scan event callback() function to prevent out of bounds memory access. For Firefox OS for MSM, restrict the input from firmware to prevent exploitation of the improper validation in the wma scan event callback() function. For QRD Android, consider disabling the wma scan event callback() function until a proper fix is applied to prevent potential out of bounds memory reads.