VDB
CVE-2017-11019
CVE-2017-11019
PUBLISHED
CVSS 7.800000190734863 HIGH
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, the fd allocated during the get_metadata was not closed even though the buffer allocated to the fd was freed. This resulted in a failure during exit sequence.
EPSS 0.02% · 4.0th percentile
Risk Scores
CVSS 3.0
7.800000190734863
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.02%
4.0th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| android | ||
| Qualcomm, Inc. | Android for MSM, Firefox OS for MSM, QRD Android | All Android releases from CAF using the Linux kernel |
Exploit Intelligence
- Comprehensive Android security vulnerability demonstrations featuring CVE-2017-13156 (Janus), broadcast receiver exploitation, external storage threats, and rooted device attacks. Educational PoCs with working code, exploitation scripts, and security controls for developers and researchers. To be updated... (github-poc)
- Comprehensive Android security vulnerability demonstrations featuring CVE-2017-13156 (Janus), broadcast receiver exploitation, external storage threats, and rooted device attacks. Educational PoCs with working code, exploitation scripts, and security controls for developers and researchers. To be updated... (github-poc)
- Comprehensive Android security vulnerability demonstrations featuring CVE-2017-13156 (Janus), broadcast receiver exploitation, external storage threats, and rooted device attacks. Educational PoCs with working code, exploitation scripts, and security controls for developers and researchers. To be updated... (github-poc)
- Comprehensive Android security vulnerability demonstrations featuring CVE-2017-13156 (Janus), broadcast receiver exploitation, external storage threats, and rooted device attacks. Educational PoCs with working code, exploitation scripts, and security controls for developers and researchers. To be updated... (github-poc)
- Android Application Vulnerability Exploit (github-poc)
- Android Application Vulnerability Exploit (github-poc)
- Android Application Vulnerability Exploit (github-poc)
- Android Application Vulnerability Exploit (github-poc)
- To determine if an APK is vulnerable to CVE-2017-13156 (github-poc)
- To determine if an APK is vulnerable to CVE-2017-13156 (github-poc)
…and 27 more exploits
Timeline
- Dec 5, 2017 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- May 2, 2022 EPSS Score
- Sep 5, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
- Jan 8, 2023 EPSS Score