CVE-2017-7369

Published: Jun 13, 2017Modified: May 13, 2026

7.8

Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

In all Android releases from CAF using the Linux kernel, an array index in an ALSA routine is not properly validating potentially leading to kernel stack corruption.

Affected (1)

Products: Google: Android

Google

1 product

Android

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Google Android	All versions

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (4)

http://www.securitytracker.com/id/1038623

Source: product-security@qualcomm.com

https://source.android.com/security/bulletin/2017-06-01

Source: product-security@qualcomm.com

PatchVendor Advisory

http://www.securitytracker.com/id/1038623

Source: af854a3a-2127-422b-91ae-364da2661108

https://source.android.com/security/bulletin/2017-06-01

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.