CVE-2017-0585

Name of the Vulnerable Software and Affected Versions Android versions Kernel-3.10, Kernel-3.18

Description An information disclosure issue in the Broadcom Wi-Fi driver could allow a local malicious application to access data outside of its permission levels. This issue requires compromising a privileged process first. The vulnerability is related to the lack of protection for service data, which could allow a remote attacker to violate data confidentiality using a local malicious application.

Recommendations For Android versions Kernel-3.10, Kernel-3.18, consider restricting access to the Broadcom Wi-Fi driver until a patch is available. As a temporary workaround, consider disabling the Wi-Fi functionality in privileged processes to minimize the risk of exploitation.