CVE-2017-11066

Summary

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while flashing ubi image an uninitialized memory could be accessed.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.Android for MSM, Firefox OS for MSM, QRD AndroidAll Android releases from CAF using the Linux kernelaffected

Weaknesses

  • Buffer Copy without Checking Size of Input in Boot

ADP Enrichment

CVE Program Container

Additional References

References