High severity7.8NVD Advisory· Published Nov 16, 2017· Updated May 13, 2026

CVE-2017-11013

Description

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, countOffset (in function UnpackCore) is increased for each loop, while there is no boundary check against "pIe->arraybound".

Affected products

Qualcomm, Inc./Android for MSM, Firefox OS for MSM, QRD Androidv5
Range: All Android releases from CAF using the Linux kernel
Google/Android
cpe:2.3:o:google:android:-:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

source.android.com/security/bulletin/2017-11-01nvdPatchVendor Advisory
www.securityfocus.com/bid/101774nvdThird Party AdvisoryVDB Entry

News mentions

No linked articles in our index yet.

cvss	0.507
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000