Vulnerability Name: | CVE-2017-6276 (CCN-136031) | ||||||||||||
Assigned: | 2017-12-04 | ||||||||||||
Published: | 2017-12-04 | ||||||||||||
Updated: | 2017-12-21 | ||||||||||||
Summary: | NVIDIA mediaserver contains a vulnerability where it is possible a use after free malfunction can occur due to an incorrect bounds check which could enable unauthorized code execution and possibly lead to elevation of privileges. This issue is rated as high. Product: Android. Version: N/A. Android: A-63802421. References: N-CVE-2017-6276. | ||||||||||||
CVSS v3 Severity: | 7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) 6.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
6.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
| ||||||||||||
CVSS v2 Severity: | 7.2 High (CVSS v2 Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C)
| ||||||||||||
Vulnerability Type: | CWE-416 | ||||||||||||
Vulnerability Consequences: | Gain Access | ||||||||||||
References: | Source: CCN Type: Google Web site Android Source: MITRE Type: CNA CVE-2017-6276 Source: BID Type: Third Party Advisory, VDB Entry 102106 Source: CCN Type: BID-102106 Google Android NVIDIA Components Multiple Privilege Escalation Vulnerabilities Source: XF Type: UNKNOWN android-cve20176276-priv-esc(136031) Source: CCN Type: Android Open Source Project Android Security BulletinDecember 2017 Source: CONFIRM Type: Vendor Advisory https://source.android.com/security/bulletin/2017-12-01 | ||||||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: ![]() | ||||||||||||
BACK |