VYPR
High severity7.8NVD Advisory· Published May 12, 2017· Updated Jun 17, 2026

CVE-2017-8246

CVE-2017-8246

Description

In function msm_pcm_playback_close() in all Android releases from CAF using the Linux kernel, prtd is assigned substream->runtime->private_data. Later, prtd is freed. However, prtd is not sanitized and set to NULL, resulting in a dangling pointer. There are other functions that access the same memory (substream->runtime->private_data) with a NULL check, such as msm_pcm_volume_ctl_put(), which means this freed memory could be used.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
  • Qualcomm, Inc./Android for MSM, Firefox OS for MSM, QRD Androidv5
    Range: All Android releases from CAF using the Linux kernel

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.