2 matches found
CVE-2017-10998
In all Qualcomm products with Android releases from CAF using the Linux kernel, in audioaioionlookupvaddr, the buffer length, which is user input, ends up being used to validate if the buffer is fully within the valid region. If the buffer length is large enough then the address + length operatio...
CVE-2017-10998
CVE-2017-10998 : In Qualcomm’s audio driver used on Android CAF builds, the function audio_aio_ion_lookup_vaddr uses a user-provided buffer length to validate the region. If length is large, the address+length check can overflow, yielding a result well below the valid region. This can lead to out...