CVE-2017-14907 - In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Li

CVE-2017-14907

Summary

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, cryptographic strength is reduced while deriving disk encryption key.

References

https://source.android.com/security/bulletin/pixel/2017-12-01

Vulnerable Configurations

cpe:2.3:o:google:android:-:*:*:*:*:*:*:*
cpe:2.3:o:google:android:-:*:*:*:*:*:*:*

CVSS

Base:	10.0 (as of 03-10-2019 - 00:03)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:C/I:C/A:C

refmap via4

confirm

https://source.android.com/security/bulletin/pixel/2017-12-01

Last major update

03-10-2019 - 00:03

Published

05-12-2017 - 17:29

Last modified

03-10-2019 - 00:03