3.18

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

linux

CWE-399

NVD

Published: 2017-01-12

Updated: 2017-01-18

Summary

A denial of service vulnerability in the Qualcomm FUSE file system could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-30786860. References: QC-CR#586855.

Vulnerable Configurations

Part	Description	Count
OS	Linux Linux Linux Kernel 3.10 Linux Linux Kernel 3.18	2

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

References

https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=cd0fa86de6ca1d40c0a93d86d1c0f7846e8a9a10
http://www.securityfocus.com/bid/95245
https://source.android.com/security/bulletin/2017-01-01.html