PatchSiren cyber security CVE debrief

CVE-2017-0445 Google CVE debrief

CVE-2017-0445 is a High-severity Android kernel issue in the HTC touchscreen driver that could allow a local malicious application to execute arbitrary code in kernel context. The CVE description says the issue first requires compromising a privileged process. NVD lists affected Android versions up to 7.1.1 and Linux kernel 3.18, and the Android Security Bulletin provides the vendor patch reference.

Vendor: Google
Product: CVE-2017-0445
CVSS: HIGH 7
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-02-08
Original CVE updated: 2026-05-13
Advisory published: 2017-02-08
Advisory updated: 2026-05-13

Who should care

Android OEMs, device maintainers, security teams managing Android fleets, and anyone responsible for patching devices that ship the affected kernel/driver combination.

Technical summary

The published description identifies an elevation-of-privilege flaw in the HTC touchscreen driver. The stated impact is arbitrary code execution within kernel context from a local malicious application, with additional prerequisite compromise of a privileged process. NVD records the issue under CVSS 3.0 vector AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H and maps exposure to Android up to 7.1.1 and Linux kernel 3.18. The Android Security Bulletin dated 2017-02-01 is the vendor patch reference in the supplied corpus.

Defensive priority

High for any environment running affected Android builds or OEM kernels that include the HTC touchscreen driver path referenced by the bulletin and NVD record. Prioritize patch verification over generic hardening because the impact is kernel-level code execution.

Recommended defensive actions

Confirm whether any shipped devices include the affected HTC touchscreen driver and kernel branch referenced by the Android bulletin and NVD.
Apply the Android Security Bulletin 2017-02-01 fixes or OEM-equivalent backports as soon as available.
Verify device security patch level and kernel build provenance across all Android fleets.
Treat exposed devices as higher risk where untrusted local apps can be installed, especially on older Android releases.
Monitor for OEM-specific advisories that map the bulletin to device models and patch trains.
If you cannot patch immediately, reduce exposure by limiting app installation sources and tightening device access controls where feasible.

Evidence notes

Primary source data comes from the NVD CVE record and the Android Security Bulletin reference included in the NVD metadata. The CVE was published on 2017-02-08. NVD lists the affected CPEs as Android up to 7.1.1 and Linux kernel 3.18, and the reference list includes the Android vendor advisory plus third-party advisories. No CISA KEV entry is present in the supplied corpus.

Official resources

CVE-2017-0445 CVE record
CVE.org
CVE-2017-0445 NVD detail
NVD
Source item URL
nvd_modified
Mitigation or vendor reference
[email protected] - Third Party Advisory, VDB Entry
Source reference
[email protected]
Mitigation or vendor reference
[email protected] - Patch, Vendor Advisory

Publicly disclosed in the Android Security Bulletin dated 2017-02-01 and recorded by NVD on 2017-02-08. The supplied corpus does not show a CISA KEV listing or ransomware association.