PT-2017-11708 · Google+1 · Android+1

Publicado

2017-10-10

Atualizado

2017-10-19

CVE-2017-11046

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Android for MSM (affected versions not specified) Firefox OS for MSM (affected versions not specified) QRD Android (affected versions not specified)

Description A kernel out-of-bounds write can potentially occur when an audio driver ioctl handler is called.

Recommendations For Android for MSM, consider restricting access to the audio driver until a patch is available. For Firefox OS for MSM, avoid using the vulnerable audio driver ioctl handler until the issue is resolved. For QRD Android, as a temporary workaround, consider disabling the audio driver ioctl handler function until a patch is available.

Correção

Memory Corruption

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-787

Identificadores relacionados

CVE-2017-11046

Produtos afetados

Android

Firefox Os

PT-2017-11708 · Google+1 · Android+1

CVE-2017-11046

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4