exploitDog

CVE-2021-39814

Опубликовано: 12 апр. 2022

Источник: nvd

CVSS3: 6.7

CVSS2: 7.2

EPSS Низкий

Описание

In ppmp_validate_wsm of drm_fw.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-216792660References: N/A

Ссылки

https://source.android.com/security/bulletin/pixel/2022-04-01
Vendor Advisory
https://source.android.com/security/bulletin/pixel/2022-04-01
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:o:google:android:-:*:*:*:*:*:*:*

EPSS

Процентиль: 9%

0.00033

Низкий

6.7 Medium

CVSS3

7.2 High

CVSS2

Дефекты

CWE-787

Связанные уязвимости

GHSA-x6mg-ghfq-wmjr

CVSS3: 6.7

github

почти 4 года назад

In ppmp_validate_wsm of drm_fw.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-216792660References: N/A

EPSS

Процентиль: 9%

0.00033

Низкий

6.7 Medium

CVSS3

7.2 High

CVSS2

Дефекты

CWE-787