Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2016-8405

Опубликовано: 25 янв. 2017
Источник: redhat
CVSS3: 4.7

Описание

An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31651010.

An information disclosure vulnerability in Linux kernel could enable a local malicious application to access data outside of its permission levels. To exploit the flaw it is first required to compromise a privileged process.

Отчет

This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5, 6, 7 and MRG-2. This has been rated as having Low security impact and is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5kernelWill not fix
Red Hat Enterprise Linux 6kernelWill not fix
Red Hat Enterprise Linux 7kernelWill not fix
Red Hat Enterprise Linux 7kernel-rtWill not fix
Red Hat Enterprise MRG 2realtime-kernelWill not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Low
Дефект:
CWE-122
https://bugzilla.redhat.com/show_bug.cgi?id=1426132kernel: Copying color maps to userspace vulnerable to heap-buffer overflow

4.7 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2016-8405

CVSS3: 4.7
ubuntu
около 9 лет назад

An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31651010.

nvd логотип

CVE-2016-8405

CVSS3: 4.7
nvd
около 9 лет назад

An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31651010.

debian логотип

CVE-2016-8405

CVSS3: 4.7
debian
около 9 лет назад

An information disclosure vulnerability in kernel components including ...

github логотип

GHSA-2xmh-6vrf-q89v

CVSS3: 4.7
github
больше 3 лет назад

An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31651010.

fstec логотип

BDU:2017-00336

CVSS3: 4.7
fstec
около 9 лет назад

Уязвимость операционной системы Android, позволяющая нарушителю получить доступ к данным

4.7 Medium

CVSS3