CVE-2017-8281

Опубликовано: 21 сент. 2017

Источник: nvd

CVSS3: 4.7

CVSS2: 2.6

EPSS Низкий

Описание

In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition can allow access to already freed memory while querying event status via DCI.

Ссылки

http://www.securityfocus.com/bid/100658
Third Party Advisory
VDB Entry
https://source.android.com/security/bulletin/2017-09-01
Patch
Vendor Advisory
https://source.android.com/security/bulletin/pixel/2017-12-01
http://www.securityfocus.com/bid/100658
Third Party Advisory
VDB Entry
https://source.android.com/security/bulletin/2017-09-01
Patch
Vendor Advisory
https://source.android.com/security/bulletin/pixel/2017-12-01

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:google:android:*:*:*:*:*:*:*:*

Версия до 8.0 (включая)

EPSS

Процентиль: 25%

0.00084

Низкий

4.7 Medium

CVSS3

2.6 Low

CVSS2

Дефекты

CWE-200

Связанные уязвимости

CVE-2017-8281

CVSS3: 8.1

redhat

почти 10 лет назад

In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition can allow access to already freed memory while querying event status via DCI.

GHSA-fw46-jjg8-h984

CVSS3: 4.7

github

больше 3 лет назад

In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition can allow access to already freed memory while querying event status via DCI.

EPSS

Процентиль: 25%

0.00084

Низкий

4.7 Medium

CVSS3

2.6 Low

CVSS2

Дефекты

CWE-200