cnvd - cnvd-2018-10694

cnvd-2018-10694

Vulnerability from cnvd

Title: Google Android Media framework拒绝服务漏洞（CNVD-2018-10694 ）

Description:

安卓（Android）是一种基于Linux的自由及开放源代码的操作系统，由谷歌公司和开放手机联盟领导及开发。

Google Android 6.0、6.0.1、7.0、7.1.1、7.1.2、8.0、8.1中的Media framework存在拒绝服务漏洞。攻击者可利用该漏洞导致拒绝服务。

Severity: 中

Patch Name: Google Android Media framework拒绝服务漏洞（CNVD-2018-10694 ）的补丁

Patch Description:

安卓（Android）是一种基于Linux的自由及开放源代码的操作系统，由谷歌公司和开放手机联盟领导及开发。

Google Android 6.0、6.0.1、7.0、7.1.1、7.1.2、8.0、8.1中的Media framework存在拒绝服务漏洞。攻击者可利用该漏洞导致拒绝服务。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

厂商已发布漏洞修复程序，请及时关注更新： https://source.android.com/security/bulletin/2018-05-01

Reference: https://source.android.com/security/bulletin/2018-05-01

Impacted products

Name
['Google Android 6.0', 'Google Android 6.0.1', 'Google Android 7.0', 'Google Android 7.1.1', 'Google Android 7.1.2', 'Google Android 8.0', 'Google Android 8.1']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2017-13313"
    }
  },
  "description": "\u5b89\u5353\uff08Android\uff09\u662f\u4e00\u79cd\u57fa\u4e8eLinux\u7684\u81ea\u7531\u53ca\u5f00\u653e\u6e90\u4ee3\u7801\u7684\u64cd\u4f5c\u7cfb\u7edf\uff0c\u7531\u8c37\u6b4c\u516c\u53f8\u548c\u5f00\u653e\u624b\u673a\u8054\u76df\u9886\u5bfc\u53ca\u5f00\u53d1\u3002\r\n\r\nGoogle Android 6.0\u30016.0.1\u30017.0\u30017.1.1\u30017.1.2\u30018.0\u30018.1\u4e2d\u7684Media framework\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002",
  "discovererName": "Google",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://source.android.com/security/bulletin/2018-05-01",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-10694",
  "openTime": "2018-05-31",
  "patchDescription": "\u5b89\u5353\uff08Android\uff09\u662f\u4e00\u79cd\u57fa\u4e8eLinux\u7684\u81ea\u7531\u53ca\u5f00\u653e\u6e90\u4ee3\u7801\u7684\u64cd\u4f5c\u7cfb\u7edf\uff0c\u7531\u8c37\u6b4c\u516c\u53f8\u548c\u5f00\u653e\u624b\u673a\u8054\u76df\u9886\u5bfc\u53ca\u5f00\u53d1\u3002\r\n\r\nGoogle Android 6.0\u30016.0.1\u30017.0\u30017.1.1\u30017.1.2\u30018.0\u30018.1\u4e2d\u7684Media framework\u5b58\u5728\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Google Android Media framework\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2018-10694 \uff09\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Google Android 6.0",
      "Google Android  6.0.1",
      "Google Android  7.0",
      "Google Android  7.1.1",
      "Google Android  7.1.2",
      "Google Android 8.0",
      "Google Android 8.1"
    ]
  },
  "referenceLink": "https://source.android.com/security/bulletin/2018-05-01",
  "serverity": "\u4e2d",
  "submitTime": "2018-05-08",
  "title": "Google Android Media framework\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff08CNVD-2018-10694 \uff09"
}

CVE-2017-13313 (GCVE-0-2017-13313)

Vulnerability from cvelistv5

Published

2024-11-15 22:00

Modified

2024-11-19 16:01

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Summary

In ElementaryStreamQueue::dequeueAccessUnitMPEG4Video of ESQueue.cpp, there is a possible infinite loop leading to resource exhaustion due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.

References

▼	URL	Tags
	https://source.android.com/security/bulletin/2018-05-01

Impacted products

	Vendor	Product	Version
	Google	Android	Version: 6 Version: 6.0.1 Version: 7 Version: 8 Version: 8.1 Version: nyc-mr1-dev Version: nyc-mr2-dev

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "android",
            "vendor": "google",
            "versions": [
              {
                "status": "affected",
                "version": "6"
              },
              {
                "status": "affected",
                "version": "6.0.1"
              },
              {
                "status": "affected",
                "version": "7"
              },
              {
                "status": "affected",
                "version": "8"
              },
              {
                "status": "affected",
                "version": "8.1"
              },
              {
                "status": "affected",
                "version": "nyc-mr1-dev"
              },
              {
                "status": "affected",
                "version": "nyc-mr2-dev"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2017-13313",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-19T15:56:26.967693Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-787",
                "description": "CWE-787 Out-of-bounds Write",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-19T16:01:39.585Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Android",
          "vendor": "Google",
          "versions": [
            {
              "status": "affected",
              "version": "6"
            },
            {
              "status": "affected",
              "version": "6.0.1"
            },
            {
              "status": "affected",
              "version": "7"
            },
            {
              "status": "affected",
              "version": "8"
            },
            {
              "status": "affected",
              "version": "8.1"
            },
            {
              "status": "affected",
              "version": "nyc-mr1-dev"
            },
            {
              "status": "affected",
              "version": "nyc-mr2-dev"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIn ElementaryStreamQueue::dequeueAccessUnitMPEG4Video of ESQueue.cpp, there is a possible infinite loop leading to resource exhaustion due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation.\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "In ElementaryStreamQueue::dequeueAccessUnitMPEG4Video of ESQueue.cpp, there is a possible infinite loop leading to resource exhaustion due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-15T22:00:33.699Z",
        "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
        "shortName": "google_android"
      },
      "references": [
        {
          "url": "https://source.android.com/security/bulletin/2018-05-01"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
    "assignerShortName": "google_android",
    "cveId": "CVE-2017-13313",
    "datePublished": "2024-11-15T22:00:33.699Z",
    "dateReserved": "2017-08-23T00:00:00.000Z",
    "dateUpdated": "2024-11-19T16:01:39.585Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted