CVE-2017-13166high
Description
An elevation of privilege vulnerability in the kernel v4l2 video driver. Product: Android. Versions: Android kernel. Android ID A-34624167.
References
https://access.redhat.com/errata/RHSA-2018:0676
https://access.redhat.com/errata/RHSA-2018:1062
https://access.redhat.com/errata/RHSA-2018:1130
https://access.redhat.com/errata/RHSA-2018:1170
https://access.redhat.com/errata/RHSA-2018:1319
https://access.redhat.com/errata/RHSA-2018:2948
https://lists.debian.org/debian-lts-announce/2018/05/msg00000.html
https://source.android.com/security/bulletin/pixel/2017-12-01
Details
Source: MITRE
Published: 2017-12-06
Updated: 2019-10-03
Type: CWE-787
Risk Information
CVSS v2
Base Score: 4.6
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Impact Score: 6.4
Exploitability Score: 3.9
Severity: MEDIUM
CVSS v3
Base Score: 7.8
Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 1.8
Severity: HIGH