High severity7.8NVD Advisory· Published May 12, 2017· Updated Jun 17, 2026
CVE-2017-8246
CVE-2017-8246
Description
In function msm_pcm_playback_close() in all Android releases from CAF using the Linux kernel, prtd is assigned substream->runtime->private_data. Later, prtd is freed. However, prtd is not sanitized and set to NULL, resulting in a dangling pointer. There are other functions that access the same memory (substream->runtime->private_data) with a NULL check, such as msm_pcm_volume_ctl_put(), which means this freed memory could be used.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Qualcomm, Inc./Android for MSM, Firefox OS for MSM, QRD Androidv5Range: All Android releases from CAF using the Linux kernel
Patches
Vulnerability mechanics
References
2- source.android.com/security/bulletin/2017-07-01nvdVendor Advisory
- www.codeaurora.org/use-after-free-alsa-pcm-playback-kernel-module-cve-2017-8246nvdBroken Link
News mentions
0No linked articles in our index yet.