CVE-2017-0869 — Integer Overflow or Wraparound in INC Android

CWE-190 — Integer Overflow or Wraparound CWE-416 — Use After Free4 documents4 sources

Severity

7.8HIGHNVD

EPSS

0.0%

top 89.03%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Google INC Android

Timeline

PublishedJan 12

Latest updateMay 14

Description

NVIDIA driver contains an integer overflow vulnerability which could cause a use after free and possibly lead to an elevation of privilege enabling code execution as a privileged process. This issue is rated as high. Version: N/A. Android ID: A-37776156. References: N-CVE-2017-0869.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages1 packages

▶CVEListV5google_inc/androidNA

Patches

Patch: source.android.com ↗Patch: source.android.com ↗

🔴Vulnerability Details

GHSA

GHSA-2wv6-wmqj-wxmj: NVIDIA driver contains an integer overflow vulnerability which could cause a use after free and possibly lead to an elevation of privilege enabling co↗2022-05-14

▶

CVEList

CVE-2017-0869: NVIDIA driver contains an integer overflow vulnerability which could cause a use after free and possibly lead to an elevation of privilege enabling co↗2018-01-12

▶

📋Vendor Advisories

Android

CVE-2017-0869: Nvidia driver↗2018-01-01

▶