CVE-2017-7369
HIGHAndroid - Kernel Stack Corruption via ALSA Array Index Validation
Title source: llmDescription
In all Android releases from CAF using the Linux kernel, an array index in an ALSA routine is not properly validating potentially leading to kernel stack corruption.
References (2)
Core 2
Core References
Patch, Vendor Advisory x_refsource_confirm
https://source.android.com/security/bulletin/2017-06-01
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id/1038623
Scores
CVSS v3
7.8
EPSS
0.0008
EPSS Percentile
22.5%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-20
Status
published
Products (2)
google/android
Qualcomm, Inc./All Qualcomm products
All Android releases from CAF using the Linux kernel
Published
Jun 13, 2017
Tracked Since
Feb 18, 2026