CVE Published: 03/04/2018 |
CVE Updated: 17/09/2024 |
CVE Year: 2017 Source: qualcomm |
Vendor: Qualcomm, Inc. |
Product: Android for MSM, Firefox OS for MSM, QRD Android Status : PUBLISHED
CVE-2017-15853 Description
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, while processing PTT commands, ptt_sock_send_msg_to_app() is invoked without validating the packet length. If the packet length is invalid, then a buffer over-read can occur.