CVE-2017-6276 - NVIDIA mediaserver contains a vulnerability where it is possible a use after free malfunction can oc

CVE-2017-6276

Summary

NVIDIA mediaserver contains a vulnerability where it is possible a use after free malfunction can occur due to an incorrect bounds check which could enable unauthorized code execution and possibly lead to elevation of privileges. This issue is rated as high. Product: Android. Version: N/A. Android: A-63802421. References: N-CVE-2017-6276.

References

http://www.securityfocus.com/bid/102106
https://source.android.com/security/bulletin/2017-12-01

Vulnerable Configurations

cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
cpe:2.3:o:google:android:-:*:*:*:*:*:*:*

CVSS

Base:	7.2 (as of 21-12-2017 - 20:18)
Impact:
Exploitability:

CWE

CWE-416

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:L/Au:N/C:C/I:C/A:C

refmap via4

bid	102106
confirm	https://source.android.com/security/bulletin/2017-12-01

Last major update

21-12-2017 - 20:18

Published

06-12-2017 - 18:29

Last modified

21-12-2017 - 20:18