exploitDog

CVE-2017-11027

Опубликовано: 16 нояб. 2017

Источник: nvd

CVSS3: 7.8

CVSS2: 4.6

EPSS Низкий

Описание

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while flashing UBI image, size is not validated for being smaller than minimum header size causing unintialized data access vulnerability.

Ссылки

https://source.android.com/security/bulletin/pixel/2017-11-01
Patch
Vendor Advisory
https://source.android.com/security/bulletin/pixel/2017-11-01
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:google:android:-:*:*:*:*:*:*:*

EPSS

Процентиль: 3%

0.00016

Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-c6m2-hrr2-7ghp

CVSS3: 7.8

github

больше 3 лет назад

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while flashing UBI image, size is not validated for being smaller than minimum header size causing unintialized data access vulnerability.

EPSS

Процентиль: 3%

0.00016

Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-20