Vulnetix
Try Vulnetix Request Demo
CVE-2017-14879 PUBLISHED CVSS 8.800000190734863 HIGH

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, by calling an IPA ioctl and searching for routing/filer/hdr rule handle from ipa_idr pointer using ipa_idr_find() function, the wrong structure pointer can be returned resulting in a slab out of bound access in the IPA driver.

EPSS 0.08% · 23.2th percentile

Risk Scores

CVSS v3.0
8.800000190734863
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.08%
23.2th percentile

Affected Products

VendorProductVersions
googleandroid
Qualcomm, Inc.Android for MSM, Firefox OS for MSM, QRD AndroidAll Android releases from CAF using the Linux kernel

Timeline

References

Open in Interactive Console →