CVE-2017-9725

Summary

CVE	CVE-2017-9725
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2017-09-21 15:29:00 UTC
Updated	2019-10-03 00:03:00 UTC
Description	In all Qualcomm products with Android releases from CAF using the Linux kernel, during DMA allocation, due to wrong data type of size, allocation size gets truncated which makes allocation succeed when it should fail.

Risk And Classification

Problem Types: CWE-682

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Google	Android	All	All	All	All

References

Reference	Source	Link	Tags
Android Security Bulletin—September 2017 \| Android Open Source Project	CONFIRM	source.android.com	Patch, Vendor Advisory
Red Hat Customer Portal	REDHAT	access.redhat.com
Red Hat Customer Portal	REDHAT	access.redhat.com
Google Android Qualcomm Components Multiple Security Vulnerabilities	BID	www.securityfocus.com	Third Party Advisory, VDB Entry
Red Hat Customer Portal	REDHAT	access.redhat.com
Red Hat Customer Portal	REDHAT	access.redhat.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

670634 EulerOS Security Update for kernel (EulerOS-SA-2021-2392)
671047 EulerOS Security Update for kernel (EulerOS-SA-2021-2588)