CVE-2017-14912

Name of the Vulnerable Software and Affected Versions Android versions prior to 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mobile [VERSION]: MDM9206, MDM9607, MDM9650, MSM8909W, SD 200, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 835

Description The issue is related to insufficient access control in the Qualcomm Secure Display component of the Android operating system. This can allow a remote attacker to cause a buffer overflow. The attributes of buffers in Secure Display were not marked properly.

Recommendations For Android versions prior to 2018-01-05 on the specified Qualcomm Snapdragon IoT and Snapdragon Mobile versions, consider restricting access to the Secure Display component until a fix is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.