exploitDog

CVE-2017-8247

Опубликовано: 21 сент. 2017

Источник: nvd

CVSS3: 7.8

CVSS2: 6.8

EPSS Низкий

Описание

In all Qualcomm products with Android releases from CAF using the Linux kernel, if there is more than one thread doing the device open operation, the device may be opened more than once. This would lead to get_pid being called more than once, however put_pid being called only once in function "msm_close".

Ссылки

http://www.securityfocus.com/bid/100658
Third Party Advisory
VDB Entry
https://source.android.com/security/bulletin/2017-09-01
Patch
Vendor Advisory
http://www.securityfocus.com/bid/100658
Third Party Advisory
VDB Entry
https://source.android.com/security/bulletin/2017-09-01
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:google:android:*:*:*:*:*:*:*:*

Версия до 8.0 (включая)

EPSS

Процентиль: 17%

0.00053

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-400

Связанные уязвимости

GHSA-cp3v-gfw2-fm24

CVSS3: 7.8

github

больше 3 лет назад

In all Qualcomm products with Android releases from CAF using the Linux kernel, if there is more than one thread doing the device open operation, the device may be opened more than once. This would lead to get_pid being called more than once, however put_pid being called only once in function "msm_close".

EPSS

Процентиль: 17%

0.00053

Низкий

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-400