CVE-2017-9725

high

Description

In all Qualcomm products with Android releases from CAF using the Linux kernel, during DMA allocation, due to wrong data type of size, allocation size gets truncated which makes allocation succeed when it should fail.

References

https://source.android.com/security/bulletin/2017-09-01

https://access.redhat.com/errata/RHSA-2018:1170

https://access.redhat.com/errata/RHSA-2018:1130

https://access.redhat.com/errata/RHSA-2018:1062

https://access.redhat.com/errata/RHSA-2018:0676

http://www.securityfocus.com/bid/100658

Details

Source: Mitre, NVD

Published: 2017-09-21

Updated: 2019-10-03

Risk Information

CVSS v2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H