In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, There is no synchronization between msm_vb2 buffer operations which can lead to use after free.
References
Link | Resource |
---|---|
https://www.codeaurora.org/security-bulletin/2018/12/03/december-2018-code-aurora-security-bulletin | Patch Third Party Advisory |
https://www.codeaurora.org/security-bulletin/2018/12/03/december-2018-code-aurora-security-bulletin | Patch Third Party Advisory |
Configurations
History
21 Nov 2024, 03:36
Type | Values Removed | Values Added |
---|---|---|
References | () https://www.codeaurora.org/security-bulletin/2018/12/03/december-2018-code-aurora-security-bulletin - Patch, Third Party Advisory |
Information
Published : 2018-12-20 15:29
Updated : 2024-11-21 03:36
NVD link : CVE-2017-9704
Mitre link : CVE-2017-9704
CVE.ORG link : CVE-2017-9704
JSON object : View
Products Affected
- android
CWE
CWE-416
Use After Free