PT-2017-2877 · Google+1 · Android Kernel+1

Yang Dai

Publicado

2017-09-01

Atualizado

2019-10-03

CVE-2017-0795

CVSS v2.0

9.3

Alta

Vetor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Android kernel

Description The issue is related to an elevation of privilege vulnerability in the MediaTek accessory detector driver, which is associated with insufficient access control. This could allow a remote attacker to elevate their privileges.

Recommendations For Android kernel, consider restricting access to the MediaTek accessory detector driver until a patch is available. As a temporary workaround, disabling the vulnerable driver may help minimize the risk of exploitation.

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264

Identificadores relacionados

BDU:2017-02161

CVE-2017-0795

Produtos afetados

Android Kernel

Mediatek Accessory Detector Driver

PT-2017-2877 · Google+1 · Android Kernel+1

CVE-2017-0795

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 5