Vulnerabilities > CVE-2017-11031 - Use After Free vulnerability in Google Android

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
google
CWE-416

Summary

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, the VIDIOC_G_SDE_ROTATOR_FENCE ioctl command can be used to cause a Use After Free condition.

Vulnerable Configurations

Part Description Count
OS
Google
1

Common Weakness Enumeration (CWE)