Freener0

Pesquisador deXuanwu Lab, Tencent
#12722de 53,630
21.2CVSS total
Vulnerabilidades · 3
Média
1
Alta
2
PT-2017-2459
7.2
2017-07-06
Broadcom · Broadcom Wi-Fi Driver · CVE-2017-0706
**Name of the Vulnerable Software and Affected Versions** Android kernel **Description** The issue is related to a wi-fi driver vulnerability in the Android operating system, specifically concerning the Broadcom wi-fi driver. It involves insufficient access control, which can be exploited by a local attacker to elevate their privileges. **Recommendations** For Android kernel, apply the necessary patches or updates to fix the elevation of privilege vulnerability in the Broadcom wi-fi driver. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2017-1801
4.7
2017-04-07
Google · Android · CVE-2017-0585
**Name of the Vulnerable Software and Affected Versions** Android versions Kernel-3.10, Kernel-3.18 **Description** An information disclosure issue in the Broadcom Wi-Fi driver could allow a local malicious application to access data outside of its permission levels. This issue requires compromising a privileged process first. The vulnerability is related to the lack of protection for service data, which could allow a remote attacker to violate data confidentiality using a local malicious application. **Recommendations** For Android versions Kernel-3.10, Kernel-3.18, consider restricting access to the Broadcom Wi-Fi driver until a patch is available. As a temporary workaround, consider disabling the Wi-Fi functionality in privileged processes to minimize the risk of exploitation.
PT-2017-1075
9.3
2017-01-12
Google · Android · CVE-2017-0386
**Name of the Vulnerable Software and Affected Versions** Android versions 5.0.2 through 7.1 **Description** An elevation of privilege issue in the libnl library could allow a local malicious application to execute arbitrary code within the context of a privileged process, potentially gaining access to elevated capabilities. This issue is related to insufficient access control to certain functions. **Recommendations** For Android versions 5.0.2 through 7.1, update to a version that includes the fix for this issue, as specified by the Android ID A-32255299. At the moment, there is no information about a newer version that contains a fix for this vulnerability.