ID CVE-2017-0339
Summary An elevation of privilege vulnerability in the NVIDIA crypto driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel 3.10. Android ID: A-27930566. References: N-CVE-2017-0339.
References
Vulnerable Configurations
  • cpe:2.3:o:linux:linux_kernel:3.10:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:3.10:*:*:*:*:*:*:*
CVSS
Base: 7.6 (as of 03-10-2019 - 00:03)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK HIGH NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:H/Au:N/C:C/I:C/A:C
refmap via4
bid 97333
confirm https://source.android.com/security/bulletin/2017-04-01.html
sectrack 1038201
Last major update 03-10-2019 - 00:03
Published 05-04-2017 - 14:59
Back to Top