Vulnerability Details CVE-2017-14876
In msm_ispif_config_stereo() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-21, the parameter params->entries[i].vfe_intf comes from userspace without any bounds check which could potentially result in a kernel out-of-bounds write.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 39.9%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
Products affected by CVE-2017-14876
-
cpe:2.3:o:google:android:-