PT-2017-10575 · Google+1 · Android+1
Xingyuan Lin
·
Published
2017-05-12
·
Updated
2018-06-16
·
CVE-2017-0627
CVSS v3.1
4.7
Medium
| Vector | AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Android versions Kernel-3.10 through Kernel-3.18
Description
An information disclosure issue in the kernel UVC driver could allow a local malicious application to access data outside of its permission levels, requiring initial compromise of a privileged process.
Recommendations
For versions Kernel-3.10 through Kernel-3.18, update to a version that includes the fix for this issue to prevent local malicious applications from accessing unauthorized data.
Fix
Information Disclosure
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Android
Ubuntu