CVE-2017-14873

Name of the Vulnerable Software and Affected Versions: Android for MSM (affected versions not specified) Firefox OS for MSM (affected versions not specified) QRD Android (affected versions not specified)

Description: A kernel memory overwrite can potentially occur in the pp pgc get config() graphics driver function. This issue affects Android releases from CAF using the Linux kernel.

Recommendations: For Android for MSM, consider restricting access to the pp pgc get config() function until a patch is available. For Firefox OS for MSM, restrict access to the pp pgc get config() function to minimize the risk of exploitation. For QRD Android, avoid using the pp pgc get config() function in sensitive operations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.