CVE Published: 12/01/2018 |
CVE Updated: 16/09/2024 |
CVE Year: 2017 Source: google_android |
Vendor: Google Inc. |
Product: Android Status : PUBLISHED
CVE-2017-13184 Description
In the enableVSyncInjections function of SurfaceFlinger, there is a possible use after free of mVSyncInjector. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 8.0, 8.1. Android ID: A-65483324.