9.3
CVE-2017-8240
- EPSS 0.47%
- Veröffentlicht 13.06.2017 20:29:01
- Zuletzt bearbeitet 13.05.2026 00:24:29
- Quelle product-security@qualcomm.com
- CVE-Watchlists
- Unerledigt
In all Android releases from CAF using the Linux kernel, a kernel driver has an off-by-one buffer over-read vulnerability.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.47% | 0.368 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
CWE-125 Out-of-bounds Read
The product reads data past the end, or before the beginning, of the intended buffer.
http://www.securitytracker.com/id/1038623
https://source.android.com/security/bulletin/2017-06-01