CVE-2017-8245

EUVD-2017-17207
In all Android releases from CAF using the Linux kernel, while processing a voice SVC request which is nonstandard by specifying a payload size that will overflow its own declared size, an out of bounds memory copy occurs.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 12%
Affected Products (NVD)
VendorProductVersion
googleandroid
-
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
linux
bookworm
6.1.106-3
fixed
bookworm (security)
6.1.112-1
fixed
bullseye
5.10.223-1
fixed
bullseye (security)
5.10.226-1
fixed
sid
6.11.6-1
fixed
trixie
6.11.5-1
fixed
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/98543
https://www.codeaurora.org/out-bounds-read-when-processing-voice-svc-request-cve-2017-8245
http://www.securityfocus.com/bid/98543
https://www.codeaurora.org/out-bounds-read-when-processing-voice-svc-request-cve-2017-8245