CVE-2017-6421

Опубликовано: 16 авг. 2017

Источник: nvd

CVSS3: 8.8

CVSS2: 5.8

EPSS Низкий

Описание

In the touch controller function in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, a variable may be controlled by the user and can lead to a buffer overflow.

Ссылки

http://www.securitytracker.com/id/1038623
Third Party Advisory
VDB Entry
https://source.android.com/security/bulletin/2017-06-01
Patch
Vendor Advisory
https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=be42c7ff1f0396484882451fd18f47144c8f1b6b
Issue Tracking
Patch
Third Party Advisory
http://www.securitytracker.com/id/1038623
Third Party Advisory
VDB Entry
https://source.android.com/security/bulletin/2017-06-01
Patch
Vendor Advisory
https://source.codeaurora.org/quic/la//kernel/msm-4.4/commit/?id=be42c7ff1f0396484882451fd18f47144c8f1b6b
Issue Tracking
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:google:android:*:*:*:*:*:*:*:*

EPSS

Процентиль: 50%

0.00268

Низкий

8.8 High

CVSS3

5.8 Medium

CVSS2

Дефекты

CWE-120

Связанные уязвимости

GHSA-99c4-h84h-pv2j