CVE-2017-0388

Name of the Vulnerable Software and Affected Versions Android versions 6.0 through 7.1

Description The issue is related to an elevation of privilege vulnerability in the External Storage Provider, which could allow a local secondary user to read data from an external storage SD card inserted by the primary user. This is considered a general bypass for operating system protections that isolate application data from other applications. The vulnerability is also associated with a lack of protection for service data, which could potentially allow an attacker to cause a denial of service or other impact on the system.

Recommendations For Android versions 6.0 through 7.1, at the moment, there is no information about a newer version that contains a fix for this vulnerability.