Vulnerability Description
In all Qualcomm products with Android releases from CAF using the Linux kernel, in audio_aio_ion_lookup_vaddr, the buffer length, which is user input, ends up being used to validate if the buffer is fully within the valid region. If the buffer length is large enough then the address + length operation could overflow and produce a result far below the valid region.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Android | <= 8.0 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/100658Third Party AdvisoryVDB Entry
- https://source.android.com/security/bulletin/2017-09-01PatchVendor Advisory
- http://www.securityfocus.com/bid/100658Third Party AdvisoryVDB Entry
- https://source.android.com/security/bulletin/2017-09-01PatchVendor Advisory
FAQ
What is CVE-2017-10998?
CVE-2017-10998 is a vulnerability with a CVSS score of 7.8 (HIGH). In all Qualcomm products with Android releases from CAF using the Linux kernel, in audio_aio_ion_lookup_vaddr, the buffer length, which is user input, ends up being used to validate if the buffer is f...
How severe is CVE-2017-10998?
CVE-2017-10998 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-10998?
Check the references section above for vendor advisories and patch information. Affected products include: Google Android.