PatchSiren cyber security CVE debrief
CVE-2017-0437 Linux CVE debrief
CVE-2017-0437 describes a Qualcomm Wi‑Fi driver elevation-of-privilege vulnerability that could let a local malicious application execute arbitrary code in kernel context. The CVE text says the issue is rated High because it first requires compromising a privileged process. In the supplied corpus, NVD also maps the issue to affected Android builds and Linux kernel CPEs, so remediation should be validated against the specific device or kernel image in use.
- Vendor
- Linux
- Product
- CVE-2017-0437
- CVSS
- HIGH 7
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2017-02-08
- Original CVE updated
- 2026-05-13
- Advisory published
- 2017-02-08
- Advisory updated
- 2026-05-13
Who should care
Android OEMs and firmware maintainers, Linux kernel and driver teams, device fleet operators running affected Android or kernel builds, and security teams responsible for privilege-boundary hardening on mobile devices.
Technical summary
The supplied CVE description attributes the flaw to Qualcomm Wi‑Fi driver code and says successful abuse could lead to arbitrary code execution in kernel context. NVD classifies the weakness as CWE-120 and records a CVSS 3.0 vector of AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H, indicating local access, user interaction, and high impact if exploitation succeeds. The corpus also lists Android and Linux kernel CPEs, including Android up to 7.1.1 and Linux kernel 3.10 and 3.18.
Defensive priority
High for any affected build. Kernel-context code execution can fully compromise device integrity, so patching and device-image validation should be prioritized even though the CVE notes the attack path requires local conditions and compromise of a privileged process first.
Recommended defensive actions
- Apply the vendor-provided Android security bulletin remediation to all affected device builds and firmware images.
- Confirm whether your fleet includes Android builds or Linux kernel 3.10/3.18 images that match the supplied vulnerable CPEs.
- Treat the supplied scope carefully during triage because the corpus mixes Android-specific wording with Linux kernel CPEs; validate by device image, OEM bulletin, or kernel build.
- Review privilege-boundary hardening controls and app-installation trust policies while remediation is being deployed.
- Monitor affected devices for abnormal Wi-Fi driver behavior, kernel crashes, or other signs of driver instability.
- Track OEM and distribution guidance referenced by the Android security bulletin and third-party advisories linked in the record.
Evidence notes
This debrief is based only on the supplied CVE record, the NVD modified entry, and the references embedded there. The CVE description states the Qualcomm Wi‑Fi driver issue can enable kernel-context code execution and that exploitation first requires compromising a privileged process. NVD supplies the CVSS 3.0 vector, CWE-120 mapping, and vulnerable CPEs for Android and Linux kernel versions. The record also links an Android security bulletin and third-party advisories as corroborating references.
Official resources
-
CVE-2017-0437 CVE record
CVE.org
-
CVE-2017-0437 NVD detail
NVD
-
Source item URL
nvd_modified
-
Mitigation or vendor reference
[email protected] - Third Party Advisory, VDB Entry
- Source reference
-
Mitigation or vendor reference
[email protected] - Vendor Advisory
Publicly disclosed and published in the supplied record on 2017-02-08. The supplied timeline also shows the NVD record was later modified on 2026-05-13. The record references an Android security bulletin and third-party advisories.