Medium severity6.5NVD Advisory· Published Mar 30, 2018· Updated Jun 17, 2026
CVE-2017-9681
CVE-2017-9681
Description
In Android before 2017-08-05 on Qualcomm MSM, Firefox OS for MSM, QRD Android, and all Android releases from CAF using the Linux kernel, if kernel memory address is passed from userspace through iris_vidioc_s_ext_ctrls ioctl, it will print kernel address data. A user could set it to an arbitrary kernel address, hence information disclosure (for kernel) could occur.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Qualcomm, Inc./Android for MSM, Firefox OS for MSM, QRD Androidv5Range: All Android releases from CAF using the Linux kernel
Patches
Vulnerability mechanics
References
2- www.securityfocus.com/bid/100210nvdThird Party AdvisoryVDB Entry
- source.android.com/security/bulletin/2017-08-01nvdVendor Advisory
News mentions
0No linked articles in our index yet.