CVE-2017-15828 Vulnerability Details

  /     /     /  

CVE-2017-15828 Metadata Quick Info

CVE Published: 18/09/2018 | CVE Updated: 05/08/2024 | CVE Year: 2017
Source: qualcomm | Vendor: Qualcomm, Inc. | Product: Android for MSM, Firefox OS for MSM, QRD Android
Status : PUBLISHED

---

CVE-2017-15828 Description

In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while accessing the keystore in LK, an integer overflow vulnerability exists which may potentially lead to a buffer overflow.

Metrics

CVSS Version: 3.1 | Base Score: n/a
Vector: n/a

l➤ Exploitability Metrics:
    Attack Vector (AV)*
    Attack Complexity (AC)*
    Privileges Required (PR)*
    User Interaction (UI)*
    Scope (S)*

l➤ Impact Metrics:
    Confidentiality Impact (C)*
    Integrity Impact (I)*
    Availability Impact (A)*

Weakness Enumeration (CWE)

CWE-ID:
CWE Name: Integer Overflow to Buffer Overflow vulnerability in Bootloader
Source: Qualcomm, Inc.

Common Attack Pattern Enumeration and Classification (CAPEC)

CAPEC-ID:
CAPEC Description:


Source: NVD (National Vulnerability Database).