exploitDog

CVE-2018-3597

Опубликовано: 06 июл. 2018

Источник: nvd

CVSS3: 7.8

CVSS2: 4.6

EPSS Низкий

Описание

In the ADSP RPC driver in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, an arbitrary kernel write can occur.

Ссылки

https://source.android.com/security/bulletin/pixel/2018-06-01#qualcomm-components
Vendor Advisory
https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=e569b915a246627d0449016408a9c0d388ee4ab4
Patch
Third Party Advisory
https://source.android.com/security/bulletin/pixel/2018-06-01#qualcomm-components
Vendor Advisory
https://source.codeaurora.org/quic/la/kernel/msm-4.4/commit/?id=e569b915a246627d0449016408a9c0d388ee4ab4
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:google:android:-:*:*:*:*:*:*:*

EPSS

Процентиль: 11%

0.00039

Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-20

Связанные уязвимости

GHSA-m4g2-c279-5w65

CVSS3: 7.8

github

больше 3 лет назад

In the ADSP RPC driver in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, an arbitrary kernel write can occur.

EPSS

Процентиль: 11%

0.00039

Низкий

7.8 High

CVSS3

4.6 Medium

CVSS2

Дефекты

CWE-20