CVE-2017-9705
CVE-2017-9705
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.2%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
10 Jan 2018Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, concurrent rx notifications and read() operations in the G-Link PKT driver can result in a double free condition due to missing locking resulting in list_del() and list_add() overlapping and corrupting the next and previous pointers.
Affected products
Qualcomm, Inc. · Android for MSM, Firefox OS for MSM, QRD Android