cvelist/2017/13xxx/CVE-2017-13218.json

{
    "CVE_data_meta": {
        "ASSIGNER": "security@android.com",
        "DATE_PUBLIC": "2018-06-04T00:00:00",
        "ID": "CVE-2017-13218",
        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "product": {
                        "product_data": [
                            {
                                "product_name": "Android for MSM, Firefox OS for MSM, QRD Android",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "All Android releases from CAF using the Linux kernel"
                                        }
                                    ]
                                }
                            }
                        ]
                    },
                    "vendor_name": "Qualcomm, Inc."
                }
            ]
        }
    },
    "data_format": "MITRE",
    "data_type": "CVE",
    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "Access to CNTVCT_EL0 in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear could be used for side channel attacks and this could lead to local information disclosure with no additional execution privileges needed in FSM9055, IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, QCA4531, QCA9980, QCN5502, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845."
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "Permissions, Privileges and Access control issue in Kernel"
                    }
                ]
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "name": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html",
                "refsource": "CONFIRM",
                "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html"
            },
            {
                "name": "102390",
                "refsource": "BID",
                "url": "http://www.securityfocus.com/bid/102390"
            },
            {
                "name": "https://source.android.com/security/bulletin/2018-01-01",
                "refsource": "CONFIRM",
                "url": "https://source.android.com/security/bulletin/2018-01-01"
            },
            {
                "name": "https://www.codeaurora.org/security-bulletin/2018/06/04/june-2018-code-aurora-security-bulletin",
                "refsource": "MISC",
                "url": "https://www.codeaurora.org/security-bulletin/2018/06/04/june-2018-code-aurora-security-bulletin"
            },
            {
                "name": "1040106",
                "refsource": "SECTRACK",
                "url": "http://www.securitytracker.com/id/1040106"
            }
        ]
    }
}