CVE-2017-0706

Vulnerability

An elevation of privilege vulnerability exists in the Broadcom Wi-Fi driver (bcmdhd) used in the Android kernel. The vulnerability is triggered by a local application that sends a crafted request to the driver. Affected versions include Android 7.0 and earlier with kernel versions prior to the July 5, 2017 security patch level [1].

Exploitation

Exploitation requires the attacker to have local access to the device and the ability to install and run a malicious application. The application exploits the vulnerability by providing specially crafted input to the Wi-Fi driver, causing a memory corruption that leads to arbitrary code execution. No additional user interaction is needed once the app is launched [1].

Impact

Successful exploitation grants the attacker arbitrary code execution in the kernel context, resulting in full elevation of privilege. The attacker can then gain root or system-level access, bypassing Android's security sandbox [1].

Mitigation

Google addressed this vulnerability in the Android Security Bulletin for July 2017, with a patch included in the 2017-07-05 security patch level. Users are advised to update their devices to the latest Android security update. No workarounds are available for unpatched devices [1].