nvd-json-data-feeds/CVE-2017/CVE-2017-158xx/CVE-2017-15857.json

{
  "id": "CVE-2017-15857",
  "sourceIdentifier": "product-security@qualcomm.com",
  "published": "2018-06-12T20:29:00.360",
  "lastModified": "2018-08-01T13:33:58.933",
  "vulnStatus": "Analyzed",
  "descriptions": [
    {
      "lang": "en",
      "value": "In the camera driver, an out-of-bounds access can occur due to an error in copying region params from user space in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel."
    },
    {
      "lang": "es",
      "value": "En el controlador de la c\u00e1mara, puede ocurrir un acceso fuera de l\u00edmites debido a un error en los par\u00e1metros de regi\u00f3n de copia del espacio de usuario en todas las distribuciones de Android de CAF (Android for MSM, Firefox OS for MSM, QRD Android) que utilizan el kernel de Linux."
    }
  ],
  "metrics": {
    "cvssMetricV30": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "3.0",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "attackVector": "LOCAL",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9
      }
    ],
    "cvssMetricV2": [
      {
        "source": "nvd@nist.gov",
        "type": "Primary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "accessVector": "LOCAL",
          "accessComplexity": "LOW",
          "authentication": "NONE",
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "nvd@nist.gov",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-129"
        }
      ]
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "operator": "OR",
          "negate": false,
          "cpeMatch": [
            {
              "vulnerable": true,
              "criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"
            }
          ]
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://source.android.com/security/bulletin/pixel/2018-05-01",
      "source": "nvd@nist.gov",
      "tags": [
        "Third Party Advisory"
      ]
    },
    {
      "url": "https://www.codeaurora.org/security-bulletin/2018/05/11/may-2018-code-aurora-security-bulletin-2",
      "source": "product-security@qualcomm.com",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ]
    }
  ]
}