ID CVE-2017-0610
Summary An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-35399404. References: QC-CR#1094852.
References
Vulnerable Configurations
  • cpe:2.3:o:linux:linux_kernel:3.10:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:3.10:*:*:*:*:*:*:*
  • cpe:2.3:o:linux:linux_kernel:3.18:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:3.18:*:*:*:*:*:*:*
CVSS
Base: 7.6 (as of 03-10-2019 - 00:03)
Impact:
Exploitability:
CWE CWE-754
CAPEC
Access
VectorComplexityAuthentication
NETWORK HIGH NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:H/Au:N/C:C/I:C/A:C
refmap via4
bid 98255
confirm https://source.android.com/security/bulletin/2017-05-01
Last major update 03-10-2019 - 00:03
Published 12-05-2017 - 15:29
Last modified 03-10-2019 - 00:03
Back to Top