ID CVE-2017-0404
Summary An elevation of privilege vulnerability in the kernel sound subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32510733.
References
Vulnerable Configurations
  • cpe:2.3:o:linux:linux_kernel:3.10:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:3.10:*:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:3.18:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:3.18:*:*:*:*:*:*:*
CVSS
Base: 7.6 (as of 03-10-2019 - 00:03)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK HIGH NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:H/Au:N/C:C/I:C/A:C
refmap via4
bid 95281
confirm https://source.android.com/security/bulletin/2017-01-01.html
Last major update 03-10-2019 - 00:03
Published 12-01-2017 - 20:59
Last modified 03-10-2019 - 00:03
Back to Top