CVE-2017-0501 — Google Android vulnerability
12 documents5 sources
Severity
7.8HIGHNVD
EPSS
0.1%
top 81.45%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMar 8
Latest updateMay 13
Description
An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-28430015. References:…
CVSS vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9
Affected Packages3 packages
Patches
🔴Vulnerability Details
2GHSA▶
GHSA-jpf8-mpcc-7g63: An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Qu↗2022-05-13
OSV▶
CVE-2017-0501: An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Qu↗2017-03-08
📋Vendor Advisories
1Android▶
CVE-2017-0501: Android Security Bulletin 2017-03-01
CVE: CVE-2017-0501
Severity: CRITICAL
References: A-28430015*
M-ALPS02708983↗2017-03-01
💬Community
8Bugzilla▶
CVE-2017-14475 mysql-mmm: arbitrary command execution with the privileges of the mmm_agentd process↗2018-05-17
Bugzilla▶
CVE-2017-14478 mysql-mmm: arbitrary command execution with the privileges of the mmm_agentd process↗2018-05-17
Bugzilla▶
CVE-2017-14477 mysql-mmm: arbitrary command execution with the privileges of the mmm_agentd process↗2018-05-17
Bugzilla▶
CVE-2017-14476 mysql-mmm: arbitrary command execution with the privileges of the mmm_agentd process↗2018-05-17
Bugzilla▶
CVE-2017-14480 mysql-mmm: arbitrary command execution with the privileges of the mmm_agentd process↗2018-05-17