CVE-2017-8244

Name of the Vulnerable Software and Affected Versions Android versions prior to a fixed version (affected versions not specified)

Description The issue affects the core info read and inst info read functions in Android releases using the Linux kernel. Variables dbg buf, dbg buf->curr, and dbg buf->filled size can be modified by different threads simultaneously without protection from mutex or locks, leading to potential buffer overflow on race conditions. The buffer->curr variable itself can also be overwritten, allowing it to point to any location in kernel memory for writing.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.