An information disclosure vulnerability in kernel components including the ION subsystem, Binder, USB driver and networking subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31651010.
http://www.debian.org/security/2017/dsa-3791
http://www.securityfocus.com/bid/94686
https://source.android.com/security/bulletin/2016-12-01.html
Source: MITRE
Published: 2017-01-12
Updated: 2017-11-04
Type: CWE-200
Base Score: 4.3
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
Impact Score: 2.9
Exploitability Score: 8.6
Severity: MEDIUM
Base Score: 4.7
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
Impact Score: 3.6
Exploitability Score: 1
Severity: MEDIUM
OR
ID | Name | Product | Family | Severity |
---|---|---|---|---|
111833 | SUSE SLES11 Security Update : kernel (SUSE-SU-2018:2366-1) (Foreshadow) | Nessus | SuSE Local Security Checks | high |
111782 | SUSE SLES11 Security Update : kernel (SUSE-SU-2018:2332-1) (Foreshadow) | Nessus | SuSE Local Security Checks | high |
102261 | Ubuntu 14.04 LTS : linux vulnerabilities (USN-3381-1) (Stack Clash) | Nessus | Ubuntu Local Security Checks | high |
101929 | Ubuntu 16.04 LTS : linux-hwe vulnerabilities (USN-3361-1) | Nessus | Ubuntu Local Security Checks | critical |
97357 | Debian DSA-3791-1 : linux - security update | Nessus | Debian Local Security Checks | high |
97332 | Debian DLA-833-1 : linux security update | Nessus | Debian Local Security Checks | high |