Vulnerability Description
In all Qualcomm products with Android releases from CAF using the Linux kernel, an output buffer is accessed in one thread and can be potentially freed in another.
CVSS Score
7.8
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Android | <= 8.0 |
References
- http://www.securityfocus.com/bid/100658Third Party AdvisoryVDB Entry
- https://source.android.com/security/bulletin/2017-09-01Vendor Advisory
- https://source.android.com/security/bulletin/2018-02-01
- http://www.securityfocus.com/bid/100658Third Party AdvisoryVDB Entry
- https://source.android.com/security/bulletin/2017-09-01Vendor Advisory
- https://source.android.com/security/bulletin/2018-02-01
FAQ
What is CVE-2017-11041?
CVE-2017-11041 is a vulnerability with a CVSS score of 7.8 (HIGH). In all Qualcomm products with Android releases from CAF using the Linux kernel, an output buffer is accessed in one thread and can be potentially freed in another.
How severe is CVE-2017-11041?
CVE-2017-11041 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-11041?
Check the references section above for vendor advisories and patch information. Affected products include: Google Android.