CVE-2017-0521

Name of the Vulnerable Software and Affected Versions Android versions Kernel-3.10 through Kernel-3.18

Description The issue is related to an elevation of privilege vulnerability in the Qualcomm camera driver, which could allow a local malicious application to execute arbitrary code within the context of the kernel. This is rated as High because it first requires compromising a privileged process. The vulnerability is associated with insufficient access control in the Qualcomm camera driver, potentially enabling a remote attacker to elevate privileges and execute arbitrary code in the kernel context using a local malicious application.

Recommendations For Android versions Kernel-3.10 through Kernel-3.18, consider restricting access to the Qualcomm camera driver as a temporary mitigation measure until a patch is available. As a workaround, disabling the Qualcomm camera driver may help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.