CVE-2017-13293

Name of the Vulnerable Software and Affected Versions: Android kernel

Description: The issue is related to a missing bounds check in the nfc hci cmd received() function of core.c, which could lead to a local escalation of privilege in the kernel. This can be exploited without additional execution privileges or user interaction.

Recommendations: For Android kernel, consider applying a patch that includes a bounds check in the nfc hci cmd received() function to prevent out of bounds write. At the moment, there is no information about a newer version that contains a fix for this vulnerability.