PatchSiren cyber security CVE debrief
CVE-2017-0449 Google CVE debrief
CVE-2017-0449 is an Android elevation-of-privilege vulnerability in the Broadcom Wi‑Fi driver that could allow a local malicious application to execute code in kernel context. The Android bulletin characterizes the issue as Moderate because exploitation first requires compromising a privileged process and current platform configurations reduce impact. NVD rates it HIGH with a CVSS 3.0 vector of AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H.
- Vendor
- Product
- CVE-2017-0449
- CVSS: HIGH 7
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2017-02-08
- Original CVE updated: 2026-05-13
- Advisory published: 2017-02-08
- Advisory updated: 2026-05-13
Who should care
Android OEMs, device maintainers, and security teams supporting devices that use the affected Broadcom Wi‑Fi driver path, especially builds mapped to Android versions through 7.1.1 and Kernel 3.10. Enterprises managing older Android fleets should prioritize validation of vendor patches and device-specific OTA availability.
Technical summary
NVD lists CVE-2017-0449 as affecting Android through version 7.1.1 and Linux kernel 3.10. The issue is an elevation of privilege in the Broadcom Wi‑Fi driver, with kernel-context impact if a local malicious app can reach the vulnerable condition after first compromising a privileged process. NVD records the weakness as NVD-CWE-noinfo, so the public record does not provide a more specific CWE classification. The Android security bulletin linked in NVD provides the vendor patch reference.
Defensive priority
High for affected Android device baselines, but with environmental dependence. The vulnerability is local and requires additional preconditions, yet kernel-context impact and the possibility of arbitrary code execution justify prompt patch validation on exposed fleets.
Recommended defensive actions
- Confirm whether any deployed Android images or custom kernels correspond to the affected CPE ranges, especially Android through 7.1.1 and Kernel 3.10.
- Apply the Android security bulletin guidance and vendor patches referenced for the February 2017 bulletin cycle.
- Prioritize patch testing on devices that ship Broadcom Wi‑Fi components or derived kernel trees.
- If immediate patching is not possible, reduce risk by restricting installation of untrusted apps and tightening privilege boundaries on managed devices.
- Track OEM security update status for devices that may remain on legacy Android releases.
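One way to carry out the first and third actions over a device inventory, as an added example that is not part of the original debrief or of any vendor tooling. It assumes a record counts as in range only when both quoted conditions hold (Android through 7.1.1 and a 3.10-series kernel); the inventory field names and the sample fleet are hypothetical.

```python
import re

ANDROID_MAX = (7, 1, 1)   # "Android through 7.1.1", as quoted on this page
KERNEL_SERIES = (3, 10)   # "Kernel 3.10", as quoted on this page

def parse_version(text, width):
    """Leading dotted version as an int tuple cut/padded to `width`; None if absent."""
    match = re.match(r"\s*(\d+(?:\.\d+)*)", text or "")
    if not match:
        return None
    parts = [int(p) for p in match.group(1).split(".")][:width]
    return tuple(parts + [0] * (width - len(parts)))

def triage(device):
    """Classify one inventory record; the field names are hypothetical."""
    android = parse_version(device.get("android"), 3)
    kernel = parse_version(device.get("kernel"), 2)
    if android is None or kernel is None:
        return "unknown"               # unparseable data gets manual review, not a pass
    if android > ANDROID_MAX or kernel != KERNEL_SERIES:
        return "out-of-range"
    if device.get("broadcom_wifi") is False:
        return "in-range-no-broadcom"  # only an explicit False lowers priority
    return "validate-patch"

def report(fleet):
    """Map each device id to its triage status."""
    return {d["id"]: triage(d) for d in fleet}

# Constructed sample inventory, not real devices.
FLEET = [
    {"id": "tab-01", "android": "7.1.1", "kernel": "3.10.73-g1a2b3c4", "broadcom_wifi": True},
    {"id": "tab-02", "android": "6.0", "kernel": "3.10.40", "broadcom_wifi": None},
    {"id": "pos-03", "android": "7.0", "kernel": "3.10.84", "broadcom_wifi": False},
    {"id": "ph-04", "android": "7.1.2", "kernel": "3.10.73", "broadcom_wifi": True},
    {"id": "ph-05", "android": "7.1.1", "kernel": "3.18.31", "broadcom_wifi": True},
    {"id": "kiosk-06", "android": "", "kernel": "3.10.49", "broadcom_wifi": True},
]

if __name__ == "__main__":
    for dev_id, status in report(FLEET).items():
        print(f"{dev_id}: {status}")
```

A "validate-patch" result means the record falls inside the ranges quoted here and still needs its vendor patch status confirmed; "out-of-range" reflects only those quoted ranges, not a statement that the build is unaffected.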
Evidence notes
The description and vendor bulletin state this is an Android Broadcom Wi‑Fi driver elevation-of-privilege issue that can reach kernel context. NVD’s CVSS vector is CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H, indicating local access, high complexity, and user interaction. NVD’s affected CPEs include android versions up to 7.1.1 and linux_kernel 3.10. The Android bulletin reference is https://source.android.com/security/bulletin/2017-02-01.html. NVD also links third-party advisories and tracker entries, but the Android bulletin is the primary vendor reference in the supplied corpus.
Official resources
- CVE-2017-0449 CVE record (CVE.org)
- CVE-2017-0449 NVD detail (NVD)
- Source item URL (nvd_modified)
- Mitigation or vendor reference: [email protected] - Third Party Advisory, VDB Entry
- Source reference
- Mitigation or vendor reference: [email protected] - Patch, Vendor Advisory
CVE-2017-0449 was published in the CVE record on 2017-02-08T15:59:02.003Z. The Android security bulletin reference in the supplied corpus is dated 2017-02-01, and the NVD record was later modified on 2026-05-13T00:24:29.033Z.