Описание
libril/RilSapSocket.cpp in Telephony in Android 6.x before 2016-10-01 and 7.0 before 2016-10-01 relies on variable-length arrays, which allows attackers to gain privileges via a crafted application, aka internal bug 30202619.
Ссылки
- Vendor Advisory
- Issue TrackingPatch
- Vendor Advisory
- Issue TrackingPatch
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*
cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*
cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*
EPSS
Процентиль: 25%
0.00088
Низкий
7.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-264
Связанные уязвимости
CVSS3: 7.8
ubuntu
больше 9 лет назад
libril/RilSapSocket.cpp in Telephony in Android 6.x before 2016-10-01 and 7.0 before 2016-10-01 relies on variable-length arrays, which allows attackers to gain privileges via a crafted application, aka internal bug 30202619.
CVSS3: 7.8
github
больше 3 лет назад
libril/RilSapSocket.cpp in Telephony in Android 6.x before 2016-10-01 and 7.0 before 2016-10-01 relies on variable-length arrays, which allows attackers to gain privileges via a crafted application, aka internal bug 30202619.
EPSS
Процентиль: 25%
0.00088
Низкий
7.8 High
CVSS3
6.8 Medium
CVSS2
Дефекты
CWE-264