CVE-2017-18144: In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 450, SD 615/16/SD 415…

CVE-2017-18144 [CRITICAL] CVE-2017-18144: Closed-source component Android Security Bulletin 2018-04-01 CVE: CVE-2017-18144 Severity: HIGH Type: N/A Component: Closed-source component References: A-70221450*

CVE-2017-18144 [CRITICAL] CWE-416 GHSA-4894-frvm-hgh4: In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 450, SD 615/16/ In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, while processing the retransmission of WPA supplicant command send failures, there is a make after break of the connection to WPA supplicant where the local pointer is not properly updated. If the WPA supplicant command transmission fails, a Use After Free condition will occur.