CVE-2017-9711

Summary

Certain unprivileged processes are able to perform IOCTL calls.

Affected Software

VendorProductVersion RangeStatus
Qualcomm, Inc.SnapdragonMDM9206affected
Qualcomm, Inc.SnapdragonMDM9607affected
Qualcomm, Inc.SnapdragonMDM9640affected
Qualcomm, Inc.SnapdragonMDM9650affected
Qualcomm, Inc.SnapdragonMSM8909Waffected
Qualcomm, Inc.SnapdragonSD 210/SD 212/SD 205affected
Qualcomm, Inc.SnapdragonSD 425affected
Qualcomm, Inc.SnapdragonSD 430affected
Qualcomm, Inc.SnapdragonSD 450affected
Qualcomm, Inc.SnapdragonSD 615/16/SD 415affected
Qualcomm, Inc.SnapdragonSD 617affected
Qualcomm, Inc.SnapdragonSD 625affected
Qualcomm, Inc.SnapdragonSD 650/52affected
Qualcomm, Inc.SnapdragonSD 810affected
Qualcomm, Inc.SnapdragonSD 820affected
Qualcomm, Inc.SnapdragonSD 820Aaffected
Qualcomm, Inc.SnapdragonSD 835affected
Qualcomm, Inc.SnapdragonSD 845affected

Weaknesses

  • CWE-264: CWE-264 Permissions, Privileges, and Access Controls

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References