Vulnerabilities > CVE-2017-8277 - Use After Free vulnerability in Google Android
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
In all Qualcomm products with Android releases from CAF using the Linux kernel, in the function msm_dba_register_client, if the client registers failed, it would be freed. However the client was not removed from list. Use-after-free would occur when traversing the list next time.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 18 |