Описание
The sockets subsystem in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows attackers to gain privileges via a crafted application that uses (1) the AF_MSM_IPC socket class or (2) another socket class that is unrecognized by SELinux, aka internal bug 28612709.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | SELinux policy not used |
| esm-apps/xenial | not-affected | SELinux policy not used |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [SELinux policy not used]] |
| precise | DNE | |
| trusty | not-affected | SELinux policy not used |
| trusty/esm | DNE | trusty was not-affected [SELinux policy not used] |
| upstream | not-affected | SELinux policy not used |
| vivid/stable-phone-overlay | not-affected | SELinux policy not used |
| vivid/ubuntu-core | DNE | |
| wily | not-affected | SELinux policy not used |
Показывать по
EPSS
9.3 Critical
CVSS2
7.8 High
CVSS3
Связанные уязвимости
The sockets subsystem in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows attackers to gain privileges via a crafted application that uses (1) the AF_MSM_IPC socket class or (2) another socket class that is unrecognized by SELinux, aka internal bug 28612709.
The sockets subsystem in Android 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-07-01 allows attackers to gain privileges via a crafted application that uses (1) the AF_MSM_IPC socket class or (2) another socket class that is unrecognized by SELinux, aka internal bug 28612709.
Уязвимость операционной системы Android, позволяющая нарушителю повысить свои привилегии
EPSS
9.3 Critical
CVSS2
7.8 High
CVSS3