CVE-2017-18277

Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon versions MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, QCN5502, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835

Description: The issue occurs when dynamic memory allocation fails, causing the process to sleep for one second and then continue with an infinite loop without retrying for memory allocation. This affects various Qualcomm Snapdragon versions used in automobile, mobile, and wear devices.

Recommendations: For versions MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, QCN5502, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, consider implementing a retry mechanism for dynamic memory allocation to prevent infinite loops. At the moment, there is no information about a newer version that contains a fix for this vulnerability.