exploitDog

CVE-2017-15826

Опубликовано: 30 мар. 2018

Источник: nvd

CVSS3: 7.8

CVSS2: 4.4

EPSS Низкий

Описание

Due to a race condition in MDSS rotator in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-20, a double free vulnerability may potentially exist when two threads free the same perf structures.

Ссылки

https://source.android.com/security/bulletin/pixel/2018-02-01
Vendor Advisory
https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=5ac3e9d038a7ee7edf77dde2dffae6f8ba528848
Patch
Third Party Advisory
https://source.android.com/security/bulletin/pixel/2018-02-01
Vendor Advisory
https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=5ac3e9d038a7ee7edf77dde2dffae6f8ba528848
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:google:android:-:*:*:*:*:*:*:*

EPSS

Процентиль: 2%

0.00013

Низкий

7.8 High

CVSS3

4.4 Medium

CVSS2

Дефекты

CWE-362

Связанные уязвимости

GHSA-vvwx-mj33-w2j6

CVSS3: 7.8

github

больше 3 лет назад

Due to a race condition in MDSS rotator in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-20, a double free vulnerability may potentially exist when two threads free the same perf structures.

EPSS

Процентиль: 2%

0.00013

Низкий

7.8 High

CVSS3

4.4 Medium

CVSS2

Дефекты

CWE-362