High severity7.8NVD Advisory· Published Sep 18, 2018· Updated Jun 17, 2026

CVE-2017-15828

Description

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while accessing the keystore in LK, an integer overflow vulnerability exists which may potentially lead to a buffer overflow.

Affected products

Google/Linux kernelllm-create
Qualcomm, Inc./Android for MSM, Firefox OS for MSM, QRD Androidv5
Range: All Android releases from CAF using the Linux kernel

Patches

Vulnerability mechanics

References

source.codeaurora.org/quic/la/kernel/lk/commit/nvdPatchThird Party Advisory
www.codeaurora.org/security-bulletin/2018/09/04/september-2018-code-aurora-security-bulletinnvdPatchThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.507
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000