CVE-2017-11013

Description

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, countOffset (in function UnpackCore) is increased for each loop, while there is no boundary check against "pIe->arraybound".

Affected products

• Qualcomm, Inc. / Android for MSM, Firefox OS for MSM, QRD AndroidAll Android releases from CAF using the Linux kernel – All Android releases from CAF using the Linux kernel

References

• MISChttp://www.securityfocus.com/bid/101774
• MISChttps://source.android.com/security/bulletin/2017-11-01