CVE-2017-13220

Опубликовано: 02 янв. 2018

Источник: redhat

CVSS3: 5.3

Описание

An elevation of privilege vulnerability in the Upstream kernel bluez. Product: Android. Versions: Android kernel. Android ID: A-63527053.

An out-of-bound access, and a possible memory corruption vulnerability leading to a system crash, was found in the Linux kernel in the Bluetooth subsystem. Due to the nature of the flaw, privilege escalation cannot be fully ruled out, although it is unlikely.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	kernel	Not affected
Red Hat Enterprise Linux 6	kernel	Not affected
Red Hat Enterprise Linux 7	kernel	Not affected
Red Hat Enterprise Linux 7	kernel-alt	Not affected
Red Hat Enterprise Linux 7	kernel-rt	Not affected
Red Hat Enterprise Linux 8	kernel	Not affected
Red Hat Enterprise MRG 2	realtime-kernel	Not affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-843

https://bugzilla.redhat.com/show_bug.cgi?id=1536155kernel: Possible out-of-bound access in Bluetooth subsystem

5.3 Medium

CVSS3

Связанные уязвимости

CVE-2017-13220

CVSS3: 7.8

ubuntu

около 8 лет назад

An elevation of privilege vulnerability in the Upstream kernel bluez. Product: Android. Versions: Android kernel. Android ID: A-63527053.

CVE-2017-13220

CVSS3: 7.8

nvd

около 8 лет назад

An elevation of privilege vulnerability in the Upstream kernel bluez. Product: Android. Versions: Android kernel. Android ID: A-63527053.

CVE-2017-13220

CVSS3: 7.8

debian

около 8 лет назад

An elevation of privilege vulnerability in the Upstream kernel bluez. ...

GHSA-gpx4-fq76-5fj9

CVSS3: 7.8

github

больше 3 лет назад

An elevation of privilege vulnerability in the Upstream kernel bluez. Product: Android. Versions: Android kernel. Android ID: A-63527053.

SUSE-SU-2018:1221-1

suse-cvrf

больше 7 лет назад

Security update for the Linux Kernel

5.3 Medium

CVSS3