CVE-2017-18066

Name of the Vulnerable Software and Affected Versions: Android for MSM versions (affected versions not specified) Firefox OS for MSM versions (affected versions not specified) QRD Android versions (affected versions not specified)

Description: The issue is related to improper controls in MSM CORE, which leads to the use of memory after it is freed in the msm core ioctl() function. This affects Android for MSM, Firefox OS for MSM, and QRD Android, with all Android releases from CAF using the Linux kernel.

Recommendations: For Android for MSM, consider restricting access to the msm core ioctl() function until a fix is available. For Firefox OS for MSM, avoid using the msm core ioctl() function in sensitive operations until the issue is resolved. For QRD Android, as a temporary workaround, consider disabling the msm core ioctl() function to minimize the risk of exploitation.