CVE-2017-2698
Description
The ddr_devfreq driver in versions earlier than GRA-UL00C00B197 has buffer overflow vulnerability. An attacker with the root privilege of the Android system can tricks a user into installing a malicious application on the smart phone, and send given parameter to smart phone to crash the system or escalate privilege.
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.058
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2015-8088 ,CVE-2015-8306 ,CVE-2017-2698 are affected in p8_firmware gra-cl100 | NCM |
| Multiple Vulnerabilities affected in p8_firmware gra-cl10 | NCM |
| Vulnerabilities CVE-2017-2698 are affected in p8_firmware gra-tl00c01b230sp01 | NCM |
| Vulnerabilities CVE-2017-2698 are affected in p8_firmware gra-tl00 | NCM |
| Vulnerabilities CVE-2017-2698 are affected in p8_firmware gra-l09c432b222 | NCM |
| Vulnerabilities CVE-2017-2698 are affected in p8_firmware gra-cl00c92b230 | NCM |
| Improper Restriction of Operations within the Bounds of a Memory Buffer Vulnerability (CVE-2017-2698) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234