ID CVE-2017-13216
Summary In ashmem_ioctl of ashmem.c, there is an out-of-bounds write due to insufficient locking when accessing asma. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-66954097.
References
Vulnerable Configurations
  • Google Android Operating System
    cpe:2.3:o:google:android
CVSS
Base: 7.2
Impact:
Exploitability:
CWE CWE-787
CAPEC
exploit-db via4
description Android - Inter-Process munmap due to Race Condition in ashmem. CVE-2017-13216. Dos exploit for Android platform
file exploits/android/dos/43464.txt
id EDB-ID:43464
last seen 2018-01-24
modified 2018-01-08
platform android
port
published 2018-01-08
reporter Exploit-DB
source https://www.exploit-db.com/download/43464/
title Android - Inter-Process munmap due to Race Condition in ashmem
type dos
refmap via4
bid 102390
confirm https://source.android.com/security/bulletin/2018-01-01
sectrack 1040106
Last major update 12-01-2018 - 18:29
Published 12-01-2018 - 18:29
Last modified 30-01-2018 - 14:43
Back to Top