CVE-2017-11003

Name of the Vulnerable Software and Affected Versions Android for MSM (affected versions not specified) Firefox OS for MSM (affected versions not specified) QRD Android (affected versions not specified)

Description The issue occurs when updating a firmware image, where data is read from flash into RAM without verifying that the data fits within the allotted RAM size.

Recommendations For Android for MSM, ensure proper validation of data size before transferring it to RAM to prevent potential issues. For Firefox OS for MSM, implement checks to verify that firmware image data does not exceed the allocated RAM size during updates. For QRD Android, modify the firmware update process to include validation of data size against available RAM to mitigate potential problems. At the moment, there is no information about a newer version that contains a fix for this vulnerability.