CVE-2017-8271 - Out of bound memory write can happen in the MDSS Rotator driver in all Qualcomm products with Androi

CVE-2017-8271

Summary

Out of bound memory write can happen in the MDSS Rotator driver in all Qualcomm products with Android releases from CAF using the Linux kernel by an unsanitized userspace-controlled parameter.

References

http://www.securityfocus.com/bid/99465
https://source.android.com/security/bulletin/2017-07-01

Vulnerable Configurations

cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
cpe:2.3:o:google:android:-:*:*:*:*:*:*:*

CVSS

Base:	6.8 (as of 16-08-2017 - 14:02)
Impact:
Exploitability:

CWE

CWE-787

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:M/Au:N/C:P/I:P/A:P

refmap via4

bid	99465
confirm	https://source.android.com/security/bulletin/2017-07-01

Last major update

16-08-2017 - 14:02

Published

11-08-2017 - 15:29

Last modified

16-08-2017 - 14:02