CVE-2017-9697

Name of the Vulnerable Software and Affected Versions Android for MSM versions (affected versions not specified) Firefox OS for MSM versions (affected versions not specified) QRD Android versions (affected versions not specified)

Description A race condition exists that can allow access to already freed memory while reading command registration table entries in diag dbgfs read table. This issue affects Android releases from CAF using the Linux kernel.

Recommendations For Android for MSM, consider restricting access to the diag dbgfs read table function until a patch is available. For Firefox OS for MSM, avoid using the diag dbgfs read table function in sensitive operations until the issue is resolved. For QRD Android, as a temporary workaround, consider disabling the diag dbgfs read table function until a fix is provided. At the moment, there is no information about a newer version that contains a fix for this vulnerability.