PT-2017-18240 · Qualcomm+2 · Qualcomm Products+2

Published

2017-08-18

Updated

2019-10-03

CVE-2017-8257

CVSS v2.0

6.8

Medium

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Qualcomm products with Android releases from CAF using the Linux kernel (affected versions not specified)

Description The issue arises when multiple processes access the sde rotator debug interface for register reading. In such cases, one process can free the debug buffer while another process still has the debug buffer in use.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362

Related Identifiers

CVE-2017-8257

Affected Products

Android

Linux Kernel

Qualcomm Products

PT-2017-18240 · Qualcomm+2 · Qualcomm Products+2

CVE-2017-8257

Weakness Enumeration

Related Identifiers

Affected Products

References · 3