VDB
CVE-2017-14879
CVE-2017-14879
PUBLISHED
CVSS 8.800000190734863 HIGH
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, by calling an IPA ioctl and searching for routing/filer/hdr rule handle from ipa_idr pointer using ipa_idr_find() function, the wrong structure pointer can be returned resulting in a slab out of bound access in the IPA driver.
EPSS 0.06% · 19.9th percentile
Risk Scores
CVSS 3.0
8.800000190734863
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
0.06%
19.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| android | ||
| Qualcomm, Inc. | Android for MSM, Firefox OS for MSM, QRD Android | All Android releases from CAF using the Linux kernel |
Exploit Intelligence
- PoC code for CVE-2017-13253 (github-poc)
- PoC code for CVE-2017-13253 (github-poc)
- PoC code for CVE-2017-13253 (github-poc)
- PoC code for CVE-2017-13253 (github-poc)
- idanshechter/CVE-2017-13208-Scanner (github-poc)
- idanshechter/CVE-2017-13208-Scanner (github-poc)
- idanshechter/CVE-2017-13208-Scanner (github-poc)
- idanshechter/CVE-2017-13208-Scanner (github-poc)
- https://source.android.com/security/bulletin/pixel/2018-01-01 (circl)
Timeline
- Jan 3, 2018 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- May 2, 2022 EPSS Score
- Sep 5, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
- Jan 8, 2023 EPSS Score
References
- https://source.android.com/security/bulletin/2018-01-01 advisory
- https://source.android.com/security/bulletin/pixel/2018-01-01 advisory
- https://source.android.com/security/bulletin/2018-03-01 advisory
- https://source.android.com/security/bulletin/pixel/2018-03-01 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2017-14879 advisory