Use After Free Vulnerability in Qualcomm USB Driver for Android Products
CVE-2017-9684

7HIGH

Key Information:

Vendor
Qualcomm
Vendor
CVE Published:
18 August 2017

Summary

A race condition in the USB driver of Qualcomm products running Android releases from CAF that utilize the Linux kernel can trigger a Use After Free condition. This vulnerability may allow an attacker to exploit the system, leading to unauthorized access and potential manipulation of sensitive information, thereby jeopardizing the device's integrity.

Affected Version(s)

All Qualcomm products All Android releases from CAF using the Linux kernel

References

CVSS V3.1

Score:
7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.