CVE-2017-9700

Name of the Vulnerable Software and Affected Versions Android for MSM (affected versions not specified) Firefox OS for MSM (affected versions not specified) QRD Android (affected versions not specified)

Description A buffer overwrite issue is present in the fw name store function when an image name of 64 characters is used, potentially allowing for unauthorized access or code execution. This issue affects Android releases from CAF that utilize the Linux kernel.

Recommendations For Android for MSM, update the fw name store function to properly handle image names of 64 characters or more. For Firefox OS for MSM, restrict the length of image names to prevent buffer overwrites in the fw name store function. For QRD Android, consider disabling the fw name store function until a proper fix is implemented to prevent buffer overwrites. At the moment, there is no information about a newer version that contains a fix for this vulnerability.