← Back

CVE-2017-9725

nvd nist
Published: Sep 21, 2017Modified: May 13, 2026

JSON object

Loading...
7.8
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

In all Qualcomm products with Android releases from CAF using the Linux kernel, during DMA allocation, due to wrong data type of size, allocation size gets truncated which makes allocation succeed when it should fail.

Affected (1)

Products: Google: Android
Google
1 product
Android
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Android
Up to 8.0

Related CWEs

CWE-682
Incorrect Calculation
The product performs a calculation that generates incorrect or unintended results that are later used in security-critical decisions or resource management.

References (12)

Source: product-security@qualcomm.com
Third Party AdvisoryVDB Entry
Source: product-security@qualcomm.com
Source: product-security@qualcomm.com
Source: product-security@qualcomm.com
Source: product-security@qualcomm.com
Source: product-security@qualcomm.com
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory

Timeline

No history available yet.