High severity7.8NVD Advisory· Published Sep 21, 2017· Updated Jun 17, 2026
CVE-2017-9677
CVE-2017-9677
Description
In all Qualcomm products with Android releases from CAF using the Linux kernel, in function msm_compr_ioctl_shared, variable "ddp->params_length" could be accessed and modified by multiple threads, while it is not protected with locks. If one thread is running, while another thread is setting data, race conditions will happen. If "ddp->params_length" is set to a big number, a buffer overflow will occur.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
2- source.android.com/security/bulletin/2017-09-01nvdPatchVendor Advisory
- www.securityfocus.com/bid/100658nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.