The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31651010.
Base Score: 4.3
Impact Score: 2.9
Exploitability Score: 8.6
Base Score: 4.7
Impact Score: 3.6
Exploitability Score: 1
|111833||SUSE SLES11 Security Update : kernel (SUSE-SU-2018:2366-1) (Foreshadow)||Nessus||SuSE Local Security Checks|
|111782||SUSE SLES11 Security Update : kernel (SUSE-SU-2018:2332-1) (Foreshadow)||Nessus||SuSE Local Security Checks|
|102261||Ubuntu 14.04 LTS : linux vulnerabilities (USN-3381-1) (Stack Clash)||Nessus||Ubuntu Local Security Checks|
|101929||Ubuntu 16.04 LTS : linux-hwe vulnerabilities (USN-3361-1)||Nessus||Ubuntu Local Security Checks|
|97357||Debian DSA-3791-1 : linux - security update||Nessus||Debian Local Security Checks|
|97332||Debian DLA-833-1 : linux security update||Nessus||Debian Local Security Checks|