Use After Free Vulnerability in Qualcomm USB Driver for Android Products
CVE-2017-9684
7HIGH
Summary
A race condition in the USB driver of Qualcomm products running Android releases from CAF that utilize the Linux kernel can trigger a Use After Free condition. This vulnerability may allow an attacker to exploit the system, leading to unauthorized access and potential manipulation of sensitive information, thereby jeopardizing the device's integrity.
Affected Version(s)
All Qualcomm products All Android releases from CAF using the Linux kernel
References
CVSS V3.1
Score:
7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
High
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved