exploitDog

CVE-2017-8279

Опубликовано: 16 нояб. 2017

Источник: nvd

CVSS3: 7.5

CVSS2: 5

EPSS Низкий

Описание

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, missing race condition protection while updating msg mask table can lead to buffer over-read. Also access to freed memory can happen while updating msg_mask information.

Ссылки

https://source.android.com/security/bulletin/pixel/2017-11-01
Patch
Vendor Advisory
https://source.android.com/security/bulletin/pixel/2017-11-01
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:google:android:-:*:*:*:*:*:*:*

EPSS

Процентиль: 26%

0.0009

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-362

Связанные уязвимости

GHSA-9frp-399h-r9j4

CVSS3: 7.5

github

больше 3 лет назад

In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, missing race condition protection while updating msg mask table can lead to buffer over-read. Also access to freed memory can happen while updating msg_mask information.

EPSS

Процентиль: 26%

0.0009

Низкий

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-362