CVE-2017-11038
CVE-2017-11038
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.1%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
16 Nov 2017Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing the boot image header, range checks can be bypassed by supplying different versions of the header at the time of check and use.
Affected products
Qualcomm, Inc. · Android for MSM, Firefox OS for MSM, QRD Android