CVE-2017-18051

Name of the Vulnerable Software and Affected Versions: Android for MSM versions (affected versions not specified) Firefox OS for MSM versions (affected versions not specified) QRD Android versions (affected versions not specified)

Description: The issue is related to improper input validation for event->vdev id in the wma rcpi event handler() function, which can lead to a potential out of bounds memory read. This occurs because the input is received from firmware.

Recommendations: For Android for MSM, ensure proper validation of the event->vdev id variable in the wma rcpi event handler() function to prevent out of bounds memory access. For Firefox OS for MSM, consider restricting access to the wma rcpi event handler() function until a proper fix is applied. For QRD Android, as a temporary workaround, consider disabling the wma rcpi event handler() function until a patch is available.