In the function wma_unified_power_debug_stats_event_handler() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-18, if the value param_buf->num_debug_register received from the FW command buffer is close to max of uint32, then the computation performed using this variable to calculate stats_registers_len may overflow to a smaller value leading to less than required memory allocated for power_stats_results and potentially a buffer overflow while copying the FW buffer to local buffer.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: qualcomm
Published: 2018-03-30T21:00:00Z
Updated: 2024-09-16T16:18:52.540Z
Reserved: 2017-09-28T00:00:00
Link: CVE-2017-14883
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2018-03-30T21:29:00.607
Modified: 2018-04-25T15:03:16.777
Link: CVE-2017-14883
Redhat
No data.