PatchSiren cyber security CVE debrief

CVE-2017-0443 Linux CVE debrief

CVE-2017-0443 is a High-severity elevation of privilege issue in the Qualcomm Wi‑Fi driver affecting Android and listed kernel branches 3.10 and 3.18. According to the CVE description, a local malicious application could execute arbitrary code in kernel context, but only after first compromising a privileged process. Because the impact reaches the kernel, the issue deserves prompt patching on affected Android devices and vendor kernels.

Vendor: Linux
Product: CVE-2017-0443
CVSS: HIGH 7
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-02-08
Original CVE updated: 2026-05-13
Advisory published: 2017-02-08
Advisory updated: 2026-05-13

Who should care

Android OEMs and device integrators, kernel maintainers, mobile endpoint defenders, enterprise Android fleet administrators, and teams responsible for vendor patch intake and backport validation.

Technical summary

The official CVE description identifies an elevation of privilege vulnerability in the Qualcomm Wi‑Fi driver that can lead to arbitrary code execution within the kernel context. NVD lists affected CPEs for Android 7.1.1 and Linux kernel 3.10 and 3.18, and records a CVSS 3.0 vector of AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H. The source corpus also links the Android security bulletin and a Code Aurora vendor notice for the same CVE. The record does not provide a specific CWE beyond NVD-CWE-noinfo.

Defensive priority

High. Kernel-context compromise on mobile devices is a strong reason to prioritize remediation, especially on devices that accept third-party apps or may already have a lower-privilege foothold.

Recommended defensive actions

Apply the Android security bulletin fixes referenced for this CVE and verify the patch level on all affected devices.
Confirm whether your vendor kernel builds include the Qualcomm fix for kernel 3.10 or 3.18 branches, and backport if necessary.
Inventory exposed Android builds and device models that map to the affected CPEs before scheduling remediation.
Treat the issue as a local post-compromise escalation path and raise urgency for devices that may already host untrusted applications.
Validate that OEM and carrier update channels have delivered the mitigation; do not rely on upstream publication alone.
Track the Code Aurora and Android advisory references for vendor-specific guidance and backport notes.

Evidence notes

This debrief is based only on the supplied CVE record and referenced official/vendor sources. The CVE description states the Qualcomm Wi‑Fi driver flaw can enable kernel-context code execution and that exploitation first requires compromising a privileged process. NVD metadata lists vulnerable CPEs for Android 7.1.1, Linux kernel 3.10, and Linux kernel 3.18, and the Android security bulletin and Code Aurora notice are included as references. PublishedAt is 2017-02-08T15:59:01.770Z; ModifiedAt 2026-05-13T00:24:29.033Z is a record update date only, not the vulnerability date.

Official resources

CVE-2017-0443 CVE record
CVE.org
CVE-2017-0443 NVD detail
NVD
Source item URL
nvd_modified
Mitigation or vendor reference
[email protected] - Third Party Advisory, VDB Entry
Source reference
[email protected]
Mitigation or vendor reference
[email protected] - Patch, Vendor Advisory
Source reference
[email protected]

Publicly disclosed in the supplied CVE record on 2017-02-08. The record was later modified on 2026-05-13, which should be treated as metadata update timing only. No KEV listing or ransomware campaign use was provided in the supplied corpus.