ID CVE-2017-8272
Summary In all Qualcomm products with Android releases from CAF using the Linux kernel, in a driver function, a value from userspace is not properly validated potentially leading to an out of bounds heap write.
References
Vulnerable Configurations
  • cpe:2.3:o:google:android:*:*:*:*:*:*:*:*
    cpe:2.3:o:google:android:*:*:*:*:*:*:*:*
CVSS
Base: 6.8 (as of 22-08-2017 - 17:04)
Impact:
Exploitability:
CWE CWE-787
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:P/A:P
refmap via4
bid 99465
confirm https://source.android.com/security/bulletin/2017-07-01
Last major update 22-08-2017 - 17:04
Published 18-08-2017 - 18:29
Last modified 22-08-2017 - 17:04
Back to Top