CVE-2017-18061

Name of the Vulnerable Software and Affected Versions: Android for MSM versions (affected versions not specified) Firefox OS for MSM versions (affected versions not specified) QRD Android versions (affected versions not specified)

Description: A potential buffer overflow issue exists when processing AOA measurement events from WIGIG firmware in the wil aoa evt meas() function. This issue affects Android releases from CAF using the Linux kernel.

Recommendations: For Android for MSM, consider restricting access to the wil aoa evt meas() function until a patch is available. For Firefox OS for MSM, avoid using the WIGIG firmware until the issue is resolved. For QRD Android, as a temporary workaround, consider disabling the AOA measurement event processing until a fix is provided. At the moment, there is no information about a newer version that contains a fix for this vulnerability.