The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Alongside the bulletin, we have released a security update to Google devices through an over-the-air (OTA) update. The Google device firmware images have also been released to the [Google Developer site](<https://developers.google.com/android/nexus/images>). Security patch levels of January 05, 2017 or later address all of these issues. Refer to the [Pixel and Nexus update schedule](<https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices>) to learn how to check a device's security patch level.
Partners were notified of the issues described in the bulletin on December 05, 2016 or earlier. Source code patches for these issues have been released to the Android Open Source Project (AOSP) repository and linked from this bulletin. This bulletin also includes links to patches outside of AOSP.
The most severe of these issues is a Critical security vulnerability that could enable remote code execution on an affected device through multiple methods such as email, web browsing, and MMS when processing media files. The severity assessment is based on the effect that exploiting the vulnerability would possibly have on an affected device, assuming the platform and service mitigations are disabled for development purposes or if successfully bypassed.
We have had no reports of active customer exploitation or abuse of these newly reported issues. Refer to the Android and Google service mitigations section for details on the Android security platform protections and service protections such as [SafetyNet](<https://developer.android.com/training/safetynet/index.html>), which improve the security of the Android platform.
We encourage all customers to accept these updates to their devices.
## Announcements
* This bulletin has two security patch level strings to provide Android partners with the flexibility to more quickly fix a subset of vulnerabilities that are similar across all Android devices. See Common questions and answers for additional information:
  * **2017-01-01**: Partial security patch level string. This security patch level string indicates that all issues associated with 2017-01-01 (and all previous security patch level strings) are addressed.
  * **2017-01-05**: Complete security patch level string. This security patch level string indicates that all issues associated with 2017-01-01 and 2017-01-05 (and all previous security patch level strings) are addressed.
* Supported Google devices will receive a single OTA update with the January 05, 2017 security patch level.
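How the two patch level strings translate into a device check, as an added example (not part of the bulletin or of any Google tooling): it parses tables in this bulletin's layout and lists the CVEs that a Google device's reported patch level leaves open. The sample rows are copied from this page with links reduced to bug IDs; the function names are hypothetical, and the level string is assumed to come from the device's `ro.build.version.security_patch` property.

```python
import re
from datetime import date

# Constructed sample: rows copied from this bulletin's tables (links reduced
# to bug IDs). Patch-level headings are matched by prefix, so the full
# heading text used on the page parses the same way.
BULLETIN = """\
## 2017-01-01 security patch level
### Remote code execution vulnerability in c-ares
CVE | References | Severity | Updated Google devices | Updated AOSP versions | Date reported
---|---|---|---|---|---
CVE-2016-5180 | A-32205736 | High | All | 7.0 | Sept 29, 2016
### Elevation of privilege vulnerability in Contacts
CVE | References | Severity | Updated Google devices | Updated AOSP versions | Date reported
---|---|---|---|---|---
CVE-2017-0395 | A-32219099 | Moderate | All | 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Oct 15, 2016
## 2017-01-05 security patch level
### Elevation of privilege vulnerability in kernel memory subsystem
CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2015-3288 | A-32460277 | Critical | Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel C, Nexus Player, Pixel, Pixel XL | Jul 9, 2015
### Elevation of privilege vulnerability in NVIDIA GPU driver
CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8424 | A-31606947* N-CVE-2016-8424 | Critical | Nexus 9 | Sep 17, 2016
### Elevation of privilege vulnerability in Qualcomm video driver
CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8436 | A-32450261 | Critical | None* | Oct 13, 2016
"""

LEVEL_HEADING = re.compile(r"^## (\d{4})-(\d{2})-(\d{2}) security patch level")
LEVEL_STRING = re.compile(r"(\d{4})-(\d{2})-(\d{2})")


def parse_level(text):
    """Parse a YYYY-MM-DD security patch level string; reject anything else."""
    m = LEVEL_STRING.fullmatch(text.strip())
    if not m:
        raise ValueError(f"not a security patch level string: {text!r}")
    return date(*map(int, m.groups()))  # date() also rejects e.g. month 13


def parse_bulletin(markdown):
    """Return one dict per CVE row, tagged with its patch level and section title."""
    issues, level, title, columns = [], None, None, None
    for line in markdown.splitlines():
        m = LEVEL_HEADING.match(line)
        if m:
            level, columns = date(*map(int, m.groups())), None
        elif line.startswith("### "):
            title, columns = line[4:].strip(), None
        elif line.startswith("CVE |"):
            # Header row; drop footnote markers such as "Severity*".
            columns = [c.strip().rstrip("*") for c in line.split("|")]
        elif line.startswith("CVE-") and columns and level:
            row = dict(zip(columns, (c.strip() for c in line.split("|"))))
            row["level"], row["title"] = level, title
            issues.append(row)
    return issues


def names_device(issue, model):
    """True if the 'Updated Google devices' cell covers this Google device model."""
    names = [d.strip().rstrip("*") for d in issue["Updated Google devices"].split(",")]
    # "All" covers every supported Google device; "None" matches no model.
    return names == ["All"] or model in names


def open_issues(device_level, model, issues):
    """CVEs from the bulletin that the device's patch level does not yet address."""
    try:
        have = parse_level(device_level)
    except ValueError:
        have = date.min  # missing or malformed property: assume nothing is patched
    # A level string covers its own issues and those of all earlier strings.
    return [i["CVE"] for i in issues if i["level"] > have and names_device(i, model)]


if __name__ == "__main__":
    rows = parse_bulletin(BULLETIN)
    for level in ("2016-12-05", "2017-01-01", "2017-01-05"):
        print(level, "Pixel ->", open_issues(level, "Pixel", rows))
```

A device at the partial 2017-01-01 level still shows the 2017-01-05 kernel and driver issues for its model, which is the gap the two-string scheme allows.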
## Security vulnerability summary
The tables below contain a list of security vulnerabilities, the Common Vulnerabilities and Exposures ID (CVE), the assessed severity, and whether or not Google devices are affected. The severity assessment is based on the effect that exploiting the vulnerability would possibly have on an affected device, assuming the platform and service mitigations are disabled for development purposes or if successfully bypassed.
## Android and Google service mitigations
This is a summary of the mitigations provided by the Android security platform and service protections, such as SafetyNet. These capabilities reduce the likelihood that security vulnerabilities could be successfully exploited on Android.
* Exploitation for many issues on Android is made more difficult by enhancements in newer versions of the Android platform. We encourage all users to update to the latest version of Android where possible.
* The Android Security team actively monitors for abuse with [Verify Apps and SafetyNet](<http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2015_Report_Final.pdf>), which are designed to warn users about [Potentially Harmful Applications](<http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf>). Verify Apps is enabled by default on devices with [Google Mobile Services](<http://www.android.com/gms>) and is especially important for users who install applications from outside of Google Play. Device rooting tools are prohibited within Google Play, but Verify Apps warns users when they attempt to install a detected rooting application—no matter where it comes from. Additionally, Verify Apps attempts to identify and block installation of known malicious applications that exploit a privilege escalation vulnerability. If such an application has already been installed, Verify Apps will notify the user and attempt to remove the detected application.
* As appropriate, Google Hangouts and Messenger applications do not automatically pass media to processes such as Mediaserver.
## Acknowledgements
We would like to thank these researchers for their contributions:
* Alexandru Blanda: CVE-2017-0390
* Daniel Micay of Copperhead Security: CVE-2017-0397
* Daxing Guo ([@freener0](<https://twitter.com/freener0>)) of Xuanwu Lab, Tencent: CVE-2017-0386
* [derrek](<mailto:derrek.haxx@gmail.com>) ([@derrekr6](<https://twitter.com/derrekr6>)): CVE-2017-0392
* Di Shen ([@returnsme](<https://twitter.com/returnsme>)) of KeenLab ([@keen_lab](<https://twitter.com/keen_lab>)), Tencent: CVE-2016-8412, CVE-2016-8444, CVE-2016-8427, CVE-2017-0403
* donfos (Aravind Machiry) of Shellphish Grill Team, UC Santa Barbara: CVE-2016-8448, CVE-2016-8470, CVE-2016-8471, CVE-2016-8472
* En He ([@heeeeen4x](<http://twitter.com/heeeeen4x>)) of [MS509Team](<http://www.ms509.com>): CVE-2017-0394
* Gengjia Chen ([@chengjia4574](<https://twitter.com/chengjia4574>)) and [pjf](<http://weibo.com/jfpan>) of IceSword Lab, Qihoo 360 Technology Co. Ltd.: CVE-2016-8464
* Google WebM Team: CVE-2017-0393
* Guang Gong (龚广) ([@oldfresher](<http://twitter.com/oldfresher>)) of Alpha Team, [Qihoo 360 Technology Co. Ltd.](<http://www.360.com>): CVE-2017-0387
* Hao Chen and Guang Gong of Alpha Team, Qihoo 360 Technology Co. Ltd.: CVE-2016-8415, CVE-2016-8454, CVE-2016-8455, CVE-2016-8456, CVE-2016-8457, CVE-2016-8465
* Jianqiang Zhao ([@jianqiangzhao](<https://twitter.com/jianqiangzhao>)) and [pjf](<http://weibo.com/jfpan>) of IceSword Lab, Qihoo 360: CVE-2016-8475
* Jon Sawyer ([@jcase](<http://twitter.com/jcase>)) and Sean Beaupre ([@firewaterdevs](<https://twitter.com/firewaterdevs>)): CVE-2016-8462
* Jon Sawyer ([@jcase](<http://twitter.com/jcase>)), Sean Beaupre ([@firewaterdevs](<https://twitter.com/firewaterdevs>)), and Ben Actis ([@Ben_RA](<https://twitter.com/ben_ra>)): CVE-2016-8461
* Mingjian Zhou ([@Mingjian_Zhou](<https://twitter.com/Mingjian_Zhou>)), Yuqi Lu ([@nikos233](<https://twitter.com/nikos233__>)), Chiachih Wu ([@chiachih_wu](<https://twitter.com/chiachih_wu>)), and Xuxian Jiang of [C0RE Team](<http://c0reteam.org>): CVE-2017-0383
* Monk Avel: CVE-2017-0396, CVE-2017-0399
* Peter Pi ([@heisecode](<https://twitter.com/heisecode>)) of Trend Micro: CVE-2016-8469, CVE-2016-8424, CVE-2016-8428, CVE-2016-8429, CVE-2016-8460, CVE-2016-8473, CVE-2016-8474
* Qidan He (何淇丹) ([@flanker_hqd](<https://twitter.com/flanker_hqd>)) of KeenLab, Tencent (腾讯科恩实验室): CVE-2017-0382
* Roee Hay and Michael Goberman of IBM Security X-Force: CVE-2016-8467
* Seven Shen ([@lingtongshen](<https://twitter.com/lingtongshen>)) of Trend Micro Mobile Threat Research Team: CVE-2016-8466
* Stephen Morrow: CVE-2017-0389
* V.E.O ([@VYSEa](<https://twitter.com/vysea>)) of Mobile Threat Research Team, [Trend Micro](<http://www.trendmicro.com>): CVE-2017-0381
* Weichao Sun ([@sunblate](<https://twitter.com/sunblate>)) of Alibaba Inc.: CVE-2017-0391
* [Wenke Dou](<mailto:vancouverdou@gmail.com>), Chiachih Wu ([@chiachih_wu](<https://twitter.com/chiachih_wu>)), and Xuxian Jiang of [C0RE Team](<http://c0reteam.org>): CVE-2017-0402, CVE-2017-0398
* [Wenke Dou](<mailto:vancouverdou@gmail.com>), [Hanxiang Wen](<mailto:arnow117@gmail.com>), Chiachih Wu ([@chiachih_wu](<https://twitter.com/chiachih_wu>)), and Xuxian Jiang of [C0RE Team](<http://c0reteam.org>): CVE-2017-0400
* [Wenke Dou](<mailto:vancouverdou@gmail.com>), [Hongli Han](<mailto:hlhan@bupt.edu.cn>), Chiachih Wu ([@chiachih_wu](<https://twitter.com/chiachih_wu>)), and Xuxian Jiang of [C0RE Team](<http://c0reteam.org>): CVE-2017-0384, CVE-2017-0385
* [Wenke Dou](<mailto:vancouverdou@gmail.com>), Yuqi Lu ([@nikos233](<https://twitter.com/nikos233__>)), Chiachih Wu ([@chiachih_wu](<https://twitter.com/chiachih_wu>)), and Xuxian Jiang of [C0RE Team](<http://c0reteam.org>): CVE-2017-0401
* [Yao Jun](<mailto:yaojun8558363@gmail.com>), [Yuan-Tsung Lo](<mailto:computernik@gmail.com>), Chiachih Wu ([@chiachih_wu](<https://twitter.com/chiachih_wu>)), and Xuxian Jiang of [C0RE Team](<http://c0reteam.org>): CVE-2016-8431, CVE-2016-8432, CVE-2016-8435
* Yong Wang (王勇) ([@ThomasKing2014](<https://twitter.com/ThomasKing2014>)) and Jun Cheng of Alibaba Inc.: CVE-2017-0404
* [Yuan-Tsung Lo](<mailto:computernik@gmail.com>), [Tong Lin](<mailto:segfault5514@gmail.com>), Chiachih Wu ([@chiachih_wu](<https://twitter.com/chiachih_wu>)), and Xuxian Jiang of [C0RE Team](<http://c0reteam.org>): CVE-2016-8425, CVE-2016-8426, CVE-2016-8449
* [Yuan-Tsung Lo](<mailto:computernik@gmail.com>), [Yanfeng Wang](<mailto:bigwyfone@gmail.com>), Chiachih Wu ([@chiachih_wu](<https://twitter.com/chiachih_wu>)), and Xuxian Jiang of [C0RE Team](<http://c0reteam.org>): CVE-2016-8430, CVE-2016-8482
* Yuxiang Li ([@Xbalien29](<https://twitter.com/xbalien29>)) of Tencent Security Platform Department: CVE-2017-0395
* Zhanpeng Zhao (行之) ([@0xr0ot](<https://twitter.com/0xr0ot>)) of Security Research Lab, [Cheetah Mobile](<http://www.cmcm.com/>): CVE-2016-8451
We would also like to thank the following researchers for their contributions to this bulletin:
* Baozeng Ding, Chengming Yang, Peng Xiao, Ning You, Yang Dong, Chao Yang, Yi Zhang and Yang Song of Alibaba Mobile Security Group
* Peter Pi ([@heisecode](<https://twitter.com/heisecode>)) of Trend Micro
* Zubin Mithra of Google
## 2017-01-01 security patch level—Vulnerability details
In the sections below, we provide details for each of the security vulnerabilities that apply to the 2017-01-01 patch level. There is a description of the issue, a severity rationale, and a table with the CVE, associated references, severity, updated Google devices, updated AOSP versions (where applicable), and date reported. When available, we will link the public change that addressed the issue to the bug ID, like the AOSP change list. When multiple changes relate to a single bug, additional references are linked to numbers following the bug ID.
### Remote code execution vulnerability in c-ares
A remote code execution vulnerability in c-ares could enable an attacker using a specially crafted request to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library.
CVE | References | Severity | Updated Google devices | Updated AOSP versions | Date reported
---|---|---|---|---|---
CVE-2016-5180 | [ A-32205736](<https://android.googlesource.com/platform/external/c-ares/+/f4baf84f285bfbdebb89b2fef8a955720f00c677>) | High | All | 7.0 | Sept 29, 2016
### Remote code execution vulnerability in Framesequence
A remote code execution vulnerability in the Framesequence library could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses the Framesequence library.
CVE | References | Severity | Updated Google devices | Updated AOSP versions | Date reported
---|---|---|---|---|---
CVE-2017-0382 | [ A-32338390](<https://android.googlesource.com/platform/frameworks/ex/+/7f0e3dab5a892228d8dead7f0221cc9ae82474f7>) | High | All | 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Oct 21, 2016
### Elevation of privilege vulnerability in Framework APIs
An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application.
CVE | References | Severity | Updated Google devices | Updated AOSP versions | Date reported
---|---|---|---|---|---
CVE-2017-0383 | [ A-31677614](<https://android.googlesource.com/platform/frameworks/native/+/e5753ba087fa59ee02f6026cc13b1ceb42a1f266>) | High | All | 7.0, 7.1.1 | Sep 21, 2016
### Elevation of privilege vulnerability in Audioserver
An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application.
CVE | References | Severity | Updated Google devices | Updated AOSP versions | Date reported
---|---|---|---|---|---
CVE-2017-0384 | [ A-32095626](<https://android.googlesource.com/platform/frameworks/av/+/321ea5257e37c8edb26e66fe4ee78cca4cd915fe>) | High | All | 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Oct 11, 2016
CVE-2017-0385 | [ A-32585400](<https://android.googlesource.com/platform/hardware/qcom/audio/+/ed79f2cc961d7d35fdbbafdd235c1436bcd74358>) | High | All | 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Oct 11, 2016
### Elevation of privilege vulnerability in libnl
An elevation of privilege vulnerability in the libnl library could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application.
CVE | References | Severity | Updated Google devices | Updated AOSP versions | Date reported
---|---|---|---|---|---
CVE-2017-0386 | [ A-32255299](<https://android.googlesource.com/platform/external/libnl/+/f0b40192efd1af977564ed6335d42a8bbdaf650a>) | High | All | 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Oct 18, 2016
### Elevation of privilege vulnerability in Mediaserver
An elevation of privilege vulnerability in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application.
CVE | References | Severity | Updated Google devices | Updated AOSP versions | Date reported
---|---|---|---|---|---
CVE-2017-0387 | [ A-32660278](<https://android.googlesource.com/platform/frameworks/native/+/675e212c8c6653825cc3352c603caf2e40b00f9f>) | High | All | 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Nov 4, 2016
### Information disclosure vulnerability in External Storage Provider
An information disclosure vulnerability in the External Storage Provider could enable a local secondary user to read data from an external storage SD card inserted by the primary user. This issue is rated as High because it could be used to access data without permission.
CVE | References | Severity | Updated Google devices | Updated AOSP versions | Date reported
---|---|---|---|---|---
CVE-2017-0388 | [ A-32523490](<https://android.googlesource.com/platform/frameworks/base/+/47e62b7fe6807a274ba760a8fecfd624fe792da9>) | High | All | 6.0, 6.0.1, 7.0, 7.1.1 | Google internal
### Denial of service vulnerability in core networking
A denial of service vulnerability in core networking could enable a remote attacker to use a specially crafted network packet to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service.
CVE | References | Severity | Updated Google devices | Updated AOSP versions | Date reported
---|---|---|---|---|---
CVE-2017-0389 | [ A-31850211](<https://android.googlesource.com/platform/frameworks/base/+/a014b6be3c7c6fb5cf9352a05baf84fca7a133c7>) [[2](<https://android.googlesource.com/platform/frameworks/base/+/47e81a2596b00ee7aaca58716ff164a1708b0b29>)] [[3](<https://android.googlesource.com/platform/frameworks/base/+/006e0613016c1a0e0627f992f5a93a7b7198edba>)] | High | All | 6.0, 6.0.1, 7.0, 7.1.1 | Jul 20, 2016
### Denial of service vulnerability in Mediaserver
A denial of service vulnerability in Mediaserver could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service.
CVE | References | Severity | Updated Google devices | Updated AOSP versions | Date reported
---|---|---|---|---|---
CVE-2017-0390 | [ A-31647370](<https://android.googlesource.com/platform/external/tremolo/+/5dc99237d49e73c27d3eca54f6ccd97d13f94de0>) | High | All | 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Sep 19, 2016
CVE-2017-0391 | [ A-32322258](<https://android.googlesource.com/platform/external/libhevc/+/a33f6725d7e9f92330f995ce2dcf4faa33f6433f>) | High | All | 6.0, 6.0.1, 7.0, 7.1.1 | Oct 20, 2016
CVE-2017-0392 | [ A-32577290](<https://android.googlesource.com/platform/frameworks/av/+/453b351ac5bd2b6619925dc966da60adf6b3126c>) | High | All | 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Oct 29, 2016
CVE-2017-0393 | [ A-30436808](<https://android.googlesource.com/platform/external/libvpx/+/6886e8e0a9db2dbad723dc37a548233e004b33bc>) | High | All | 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Google internal
### Denial of service vulnerability in Telephony
A denial of service vulnerability in Telephony could enable a remote attacker to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service.
CVE | References | Severity | Updated Google devices | Updated AOSP versions | Date reported
---|---|---|---|---|---
CVE-2017-0394 | [ A-31752213](<https://android.googlesource.com/platform/packages/services/Telephony/+/1cdced590675ce526c91c6f8983ceabb8038f58d>) | High | All | 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Sep 23, 2016
### Elevation of privilege vulnerability in Contacts
An elevation of privilege vulnerability in Contacts could enable a local malicious application to silently create contact information. This issue is rated as Moderate because it is a local bypass of user interaction requirements (access to functionality that would normally require either user initiation or user permission).
CVE | References | Severity | Updated Google devices | Updated AOSP versions | Date reported
---|---|---|---|---|---
CVE-2017-0395 | [ A-32219099](<https://android.googlesource.com/platform/packages/apps/ContactsCommon/+/d47661ad82d402c1e0c90eb83970687d784add1b>) | Moderate | All | 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Oct 15, 2016
### Information disclosure vulnerability in Mediaserver
An information disclosure vulnerability in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission.
CVE | References | Severity | Updated Google devices | Updated AOSP versions | Date reported
---|---|---|---|---|---
CVE-2017-0381 | [ A-31607432](<https://android.googlesource.com/platform/external/libopus/+/0d052d64480a30e83fcdda80f4774624e044beb7>) | Moderate | All | 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Sep 18, 2016
CVE-2017-0396 | [ A-31781965](<https://android.googlesource.com/platform/frameworks/av/+/557bd7bfe6c4895faee09e46fc9b5304a956c8b7>) | Moderate | All | 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Sep 27, 2016
CVE-2017-0397 | [ A-32377688](<https://android.googlesource.com/platform/frameworks/av/+/7a3246b870ddd11861eda2ab458b11d723c7f62c>) | Moderate | All | 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Oct 21, 2016
### Information disclosure vulnerability in Audioserver
An information disclosure vulnerability in Audioserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission.
CVE | References | Severity | Updated Google devices | Updated AOSP versions | Date reported
---|---|---|---|---|---
CVE-2017-0398 | [ A-32438594](<https://android.googlesource.com/platform/frameworks/av/+/26965db50a617f69bdefca0d7533796c80374f2c>) | Moderate | All | 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Oct 25, 2016
CVE-2017-0398 | [ A-32635664](<https://android.googlesource.com/platform/frameworks/av/+/26965db50a617f69bdefca0d7533796c80374f2c>) | Moderate | All | 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Oct 25, 2016
CVE-2017-0398 | [ A-32624850](<https://android.googlesource.com/platform/frameworks/av/+/26965db50a617f69bdefca0d7533796c80374f2c>) | Moderate | All | 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Oct 25, 2016
CVE-2017-0399 | [ A-32247948](<https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac>) [[2](<https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57>)] | Moderate | All | 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Oct 18, 2016
CVE-2017-0400 | [ A-32584034](<https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac>) [[2](<https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57>)] | Moderate | All | 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Oct 25, 2016
CVE-2017-0401 | [ A-32448258](<https://android.googlesource.com/platform/frameworks/av/+/321ea5257e37c8edb26e66fe4ee78cca4cd915fe>) | Moderate | All | 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Oct 26, 2016
CVE-2017-0402 | [ A-32436341](<https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac>) [[2](<https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57>)] | Moderate | All | 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Oct 25, 2016
## 2017-01-05 security patch level—Vulnerability details
In the sections below, we provide details for each of the security vulnerabilities that apply to the 2017-01-05 patch level. There is a description of the issue, a severity rationale, and a table with the CVE, associated references, severity, updated Google devices, updated AOSP versions (where applicable), and date reported. When available, we will link the public change that addressed the issue to the bug ID, like the AOSP change list. When multiple changes relate to a single bug, additional references are linked to numbers following the bug ID.
### Elevation of privilege vulnerability in kernel memory subsystem
An elevation of privilege vulnerability in the kernel memory subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device.
CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2015-3288 | A-32460277 [ Upstream kernel](<http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6b7339f4c31ad69c8e9c0b2859276e22cf72176d>) | Critical | Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel C, Nexus Player, Pixel, Pixel XL | Jul 9, 2015
### Elevation of privilege vulnerability in Qualcomm bootloader
An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device.
CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8422 | A-31471220 [ QC-CR#979426](<https://source.codeaurora.org/quic/la//kernel/lk/commit/?id=d6639f0a77f8ebfc1e05f3acdf12d5588e7e6213>) | Critical | Nexus 6, Nexus 6P, Pixel, Pixel XL | Jul 22, 2016
CVE-2016-8423 | A-31399736 [ QC-CR#1000546](<https://source.codeaurora.org/quic/la//kernel/lk/commit/?id=98db6cc526fa1677da05d54785937540cdc84867>) | Critical | Nexus 6P, Pixel, Pixel XL | Aug 24, 2016
### Elevation of privilege vulnerability in kernel file system
An elevation of privilege vulnerability in the kernel file system could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device.
CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2015-5706 | A-32289301 [ Upstream kernel](<http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f15133df088ecadd141ea1907f2c96df67c729f0>) | Critical | None* | Aug 1, 2016
* Supported Google devices on Android 7.0 or later that have installed all available updates are not affected by this vulnerability.
### Elevation of privilege vulnerability in NVIDIA GPU driver
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device.
CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8424 | A-31606947* N-CVE-2016-8424 | Critical | Nexus 9 | Sep 17, 2016
CVE-2016-8425 | A-31797770* N-CVE-2016-8425 | Critical | Nexus 9 | Sep 28, 2016
CVE-2016-8426 | A-31799206* N-CVE-2016-8426 | Critical | Nexus 9 | Sep 28, 2016
CVE-2016-8482 | A-31799863* N-CVE-2016-8482 | Critical | Nexus 9 | Sep 28, 2016
CVE-2016-8427 | A-31799885* N-CVE-2016-8427 | Critical | Nexus 9 | Sep 28, 2016
CVE-2016-8428 | A-31993456* N-CVE-2016-8428 | Critical | Nexus 9 | Oct 6, 2016
CVE-2016-8429 | A-32160775* N-CVE-2016-8429 | Critical | Nexus 9 | Oct 13, 2016
CVE-2016-8430 | A-32225180* N-CVE-2016-8430 | Critical | Nexus 9 | Oct 17, 2016
CVE-2016-8431 | A-32402179* N-CVE-2016-8431 | Critical | Pixel C | Oct 25, 2016
CVE-2016-8432 | A-32447738* N-CVE-2016-8432 | Critical | Pixel C | Oct 26, 2016
* The patch for this issue is not publicly available. The update is contained in the latest binary drivers for Nexus devices available from the [Google Developer site](<https://developers.google.com/android/nexus/drivers>).
### Elevation of privilege vulnerability in MediaTek driver
An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device.
CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8433 | A-31750190* MT-ALPS02974192 | Critical | None** | Sep 24, 2016
* The patch for this issue is not publicly available. The update is contained in the latest binary drivers for Nexus devices available from the [Google Developer site](<https://developers.google.com/android/nexus/drivers>).
** Supported Google devices on Android 7.0 or later that have installed all available updates are not affected by this vulnerability.
### Elevation of privilege vulnerability in Qualcomm GPU driver
An elevation of privilege vulnerability in the Qualcomm GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device.
CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8434 | A-32125137 [ QC-CR#1081855](<https://source.codeaurora.org/quic/la/kernel/msm-3.14/commit/?id=3e3866a5fced40ccf9ca442675cf915961efe4d9>) | Critical | Nexus 5X, Nexus 6, Nexus 6P, Android One | Oct 12, 2016
### Elevation of privilege vulnerability in NVIDIA GPU driver
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device.
CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8435 | A-32700935* N-CVE-2016-8435 | Critical | Pixel C | Nov 7, 2016
* The patch for this issue is not publicly available. The update is contained in the latest binary drivers for Nexus devices available from the [Google Developer site](<https://developers.google.com/android/nexus/drivers>).
### Elevation of privilege vulnerability in Qualcomm video driver
An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device.
CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8436 | A-32450261 [ QC-CR#1007860](<https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=228e8d17b9f5d22cf9896ab8eff88dc6737c2ced>) | Critical | None* | Oct 13, 2016
* Supported Google devices on Android 7.0 or later that have installed all available updates are not affected by this vulnerability.
### Vulnerabilities in Qualcomm components
The following vulnerabilities affect Qualcomm components and are described in further detail in the Qualcomm AMSS November 2015, August 2016, September 2016, and October 2016 security bulletins.
CVE | References | Severity* | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8438 | A-31624565** | Critical | None*** | Qualcomm internal
CVE-2016-8442 | A-31625910** | Critical | None*** | Qualcomm internal
CVE-2016-8443 | A-32576499** | Critical | None*** | Qualcomm internal
CVE-2016-8437 | A-31623057** | High | None*** | Qualcomm internal
CVE-2016-8439 | A-31625204** | High | None*** | Qualcomm internal
CVE-2016-8440 | A-31625306** | High | None*** | Qualcomm internal
CVE-2016-8441 | A-31625904** | High | None*** | Qualcomm internal
CVE-2016-8398 | A-31548486** | High | Nexus 5X, Nexus 6, Nexus 6P, Android One | Qualcomm internal
CVE-2016-8459 | A-32577972** | High | None*** | Qualcomm internal
CVE-2016-5080 | A-31115235** | Moderate | Nexus 5X | Qualcomm internal
* The severity rating for these vulnerabilities was determined by the vendor.
** The patch for this issue is not publicly available. The update is contained in the latest binary drivers for Nexus devices available from the [Google Developer site](<https://developers.google.com/android/nexus/drivers>).
*** Supported Google devices on Android 7.0 or later that have installed all available updates are not affected by this vulnerability.
### Elevation of privilege vulnerability in Qualcomm camera
An elevation of privilege vulnerability in the Qualcomm camera could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process.
CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8412 | A-31225246 [ QC-CR#1071891](<https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=42a98c44669d92dafcf4d6336bdccaeb2db12786>) | High | Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL | Aug 26, 2016
CVE-2016-8444 | A-31243641* QC-CR#1074310 | High | Nexus 5X, Nexus 6, Nexus 6P | Aug 26, 2016
* The patch for this issue is not publicly available. The update is contained in the latest binary drivers for Nexus devices available from the [Google Developer site](<https://developers.google.com/android/nexus/drivers>).
### Elevation of privilege vulnerability in MediaTek components
An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process.
CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8445 | A-31747590* MT-ALPS02968983 | High | None** | Sep 25, 2016
CVE-2016-8446 | A-31747749* MT-ALPS02968909 | High | None** | Sep 25, 2016
CVE-2016-8447 | A-31749463* MT-ALPS02968886 | High | None** | Sep 25, 2016
CVE-2016-8448 | A-31791148* MT-ALPS02982181 | High | None** | Sep 28, 2016
* The patch for this issue is not publicly available. The update is contained in the latest binary drivers for Nexus devices available from the [Google Developer site](<https://developers.google.com/android/nexus/drivers>).
** Supported Google devices on Android 7.0 or later that have installed all available updates are not affected by this vulnerability.
### Elevation of privilege vulnerability in Qualcomm Wi-Fi driver
An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process.
CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8415 | A-31750554 [QC-CR#1079596](<https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=188e12a816508b11771f362c852782ec9a6f9394>) | High | Nexus 5X, Pixel, Pixel XL | Sep 26, 2016
### Elevation of privilege vulnerability in NVIDIA GPU driver
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process.
CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8449 | A-31798848* N-CVE-2016-8449 | High | Nexus 9 | Sep 28, 2016
* The patch for this issue is not publicly available. The update is contained in the latest binary drivers for Nexus devices available from the [Google Developer site](<https://developers.google.com/android/nexus/drivers>).
### Elevation of privilege vulnerability in Qualcomm sound driver
An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process.
CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8450 | A-32450563 [QC-CR#880388](<https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=e909d159ad1998ada853ed35be27c7b6ba241bdb>) | High | Nexus 5X, Nexus 6, Nexus 6P, Android One | Oct 13, 2016
### Elevation of privilege vulnerability in Synaptics touchscreen driver
An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process.
CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8451 | A-32178033* | High | None** | Oct 13, 2016
* The patch for this issue is not publicly available. The update is contained in the latest binary drivers for Nexus devices available from the [Google Developer site](<https://developers.google.com/android/nexus/drivers>).
** Supported Google devices on Android 7.0 or later that have installed all available updates are not affected by this vulnerability.
### Elevation of privilege vulnerability in kernel security subsystem
An elevation of privilege vulnerability in the kernel security subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process.
CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-7042 | A-32178986 [Upstream kernel](<http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=03dab869b7b239c4e013ec82aea22e181e441cfc>) | High | Pixel C | Oct 14, 2016
### Elevation of privilege vulnerability in kernel performance subsystem
An elevation of privilege vulnerability in the kernel performance subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process.
CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2017-0403 | A-32402548* | High | Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus Player, Pixel, Pixel XL | Oct 25, 2016
* The patch for this issue is not publicly available. The update is contained in the latest binary drivers for Nexus devices available from the [Google Developer site](<https://developers.google.com/android/nexus/drivers>).
### Elevation of privilege vulnerability in kernel sound subsystem
An elevation of privilege vulnerability in the kernel sound subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process.
CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2017-0404 | A-32510733* | High | Nexus 5X, Nexus 6P, Nexus 9, Pixel C, Nexus Player, Pixel, Pixel XL | Oct 27, 2016
* The patch for this issue is not publicly available. The update is contained in the latest binary drivers for Nexus devices available from the [Google Developer site](<https://developers.google.com/android/nexus/drivers>).
### Elevation of privilege vulnerability in Qualcomm Wi-Fi driver
An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process.
CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8452 | A-32506396 [QC-CR#1050323](<https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=39fa8e972fa1b10dc68a066f4f9432753d8a2526>) | High | Nexus 5X, Android One, Pixel, Pixel XL | Oct 28, 2016
### Elevation of privilege vulnerability in Qualcomm radio driver
An elevation of privilege vulnerability in the Qualcomm radio driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process.
CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-5345 | A-32639452 [QC-CR#1079713](<https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=67118716a2933f6f30a25ea7e3946569a8b191c6>) | High | Android One | Nov 3, 2016
### Elevation of privilege vulnerability in kernel profiling subsystem
An elevation of privilege vulnerability in the kernel profiling subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process.
CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-9754 | A-32659848 [Upstream kernel](<http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=59643d1535eb220668692a5359de22545af579f6>) | High | Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus Player | Nov 4, 2016
### Elevation of privilege vulnerability in Broadcom Wi-Fi driver
An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process.
CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8453 | A-24739315* B-RB#73392 | High | Nexus 6 | Google internal
CVE-2016-8454 | A-32174590* B-RB#107142 | High | Nexus 6, Nexus 6P, Nexus 9, Pixel C, Nexus Player | Oct 14, 2016
CVE-2016-8455 | A-32219121* B-RB#106311 | High | Nexus 6P | Oct 15, 2016
CVE-2016-8456 | A-32219255* B-RB#105580 | High | Nexus 6, Nexus 6P, Nexus 9, Pixel C, Nexus Player | Oct 15, 2016
CVE-2016-8457 | A-32219453* B-RB#106116 | High | Nexus 6, Nexus 6P, Nexus 9, Pixel C | Oct 15, 2016
* The patch for this issue is not publicly available. The update is contained in the latest binary drivers for Nexus devices available from the [Google Developer site](<https://developers.google.com/android/nexus/drivers>).
### Elevation of privilege vulnerability in Synaptics touchscreen driver
An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process.
CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8458 | A-31968442* | High | Nexus 5X, Nexus 6P, Nexus 9, Android One, Pixel, Pixel XL | Google internal
* The patch for this issue is not publicly available. The update is contained in the latest binary drivers for Nexus devices available from the [Google Developer site](<https://developers.google.com/android/nexus/drivers>).
### Information disclosure vulnerability in NVIDIA video driver
An information disclosure vulnerability in the NVIDIA video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission.
CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8460 | A-31668540* N-CVE-2016-8460 | High | Nexus 9 | Sep 21, 2016
* The patch for this issue is not publicly available. The update is contained in the latest binary drivers for Nexus devices available from the [Google Developer site](<https://developers.google.com/android/nexus/drivers>).
### Information disclosure vulnerability in bootloader
An information disclosure vulnerability in the bootloader could enable a local attacker to access data outside of its permission level. This issue is rated as High because it could be used to access sensitive data.
CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8461 | A-32369621* | High | Nexus 9, Pixel, Pixel XL | Oct 21, 2016
CVE-2016-8462 | A-32510383* | High | Pixel, Pixel XL | Oct 27, 2016
* The patch for this issue is not publicly available. The update is contained in the latest binary drivers for Nexus devices available from the [Google Developer site](<https://developers.google.com/android/nexus/drivers>).
### Denial of service vulnerability in Qualcomm FUSE file system
A denial of service vulnerability in the Qualcomm FUSE file system could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service.
CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8463 | A-30786860 [QC-CR#586855](<https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=cd0fa86de6ca1d40c0a93d86d1c0f7846e8a9a10>) | High | None* | Jan 03, 2014
* Supported Google devices on Android 7.0 or later that have installed all available updates are not affected by this vulnerability.
### Denial of service vulnerability in bootloader
A denial of service vulnerability in the bootloader could enable an attacker to cause a local permanent denial of service, which may require reflashing the operating system to repair the device. This issue is rated as High due to the possibility of local permanent denial of service.
CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8467 | A-30308784* | High | Nexus 6, Nexus 6P | Jun 29, 2016
* The patch for this issue is not publicly available. The update is contained in the latest binary drivers for Nexus devices available from the [Google Developer site](<https://developers.google.com/android/nexus/drivers>).
### Elevation of privilege vulnerability in Broadcom Wi-Fi driver
An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurations.
CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8464 | A-29000183* B-RB#106314 | Moderate | Nexus 6, Nexus 6P, Nexus 9, Pixel C, Nexus Player | May 26, 2016
CVE-2016-8466 | A-31822524* B-RB#105268 | Moderate | Nexus 6, Nexus 6P, Nexus 9, Pixel C, Nexus Player | Sep 28, 2016
CVE-2016-8465 | A-32474971* B-RB#106053 | Moderate | Nexus 6, Nexus 6P, Nexus 9, Pixel C, Nexus Player | Oct 27, 2016
* The patch for this issue is not publicly available. The update is contained in the latest binary drivers for Nexus devices available from the [Google Developer site](<https://developers.google.com/android/nexus/drivers>).
### Elevation of privilege vulnerability in Binder
An elevation of privilege vulnerability in Binder could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurations.
CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8468 | A-32394425* | Moderate | Pixel C, Pixel, Pixel XL | Google internal
* The patch for this issue is not publicly available. The update is contained in the latest binary drivers for Nexus devices available from the [Google Developer site](<https://developers.google.com/android/nexus/drivers>).
### Information disclosure vulnerability in NVIDIA camera driver
An information disclosure vulnerability in the camera driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process.
CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8469 | A-31351206* N-CVE-2016-8469 | Moderate | Nexus 9 | Sep 7, 2016
* The patch for this issue is not publicly available. The update is contained in the latest binary drivers for Nexus devices available from the [Google Developer site](<https://developers.google.com/android/nexus/drivers>).
### Information disclosure vulnerability in MediaTek driver
An information disclosure vulnerability in the MediaTek driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process.
CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8470 | A-31528889* MT-ALPS02961395 | Moderate | None** | Sep 15, 2016
CVE-2016-8471 | A-31528890* MT-ALPS02961380 | Moderate | None** | Sep 15, 2016
CVE-2016-8472 | A-31531758* MT-ALPS02961384 | Moderate | None** | Sep 15, 2016
* The patch for this issue is not publicly available. The update is contained in the latest binary drivers for Nexus devices available from the [Google Developer site](<https://developers.google.com/android/nexus/drivers>).
** Supported Google devices on Android 7.0 or later that have installed all available updates are not affected by this vulnerability.
### Information disclosure vulnerability in STMicroelectronics driver
An information disclosure vulnerability in the STMicroelectronics driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process.
CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8473 | A-31795790* | Moderate | Nexus 5X, Nexus 6P | Sep 28, 2016
CVE-2016-8474 | A-31799972* | Moderate | Nexus 5X, Nexus 6P | Sep 28, 2016
* The patch for this issue is not publicly available. The update is contained in the latest binary drivers for Nexus devices available from the [Google Developer site](<https://developers.google.com/android/nexus/drivers>).
### Information disclosure vulnerability in Qualcomm audio post processor
An information disclosure vulnerability in the Qualcomm audio post processor could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission.
CVE | References | Severity | Updated Google devices | Updated AOSP versions | Date reported
---|---|---|---|---|---
CVE-2017-0399 | [A-32588756](<https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac>) [[2](<https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57>)] | Moderate | All | 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Oct 18, 2016
CVE-2017-0400 | [A-32438598](<https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac>) [[2](<https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57>)] | Moderate | All | 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Oct 25, 2016
CVE-2017-0401 | [A-32588016](<https://android.googlesource.com/platform/hardware/qcom/audio/+/ed79f2cc961d7d35fdbbafdd235c1436bcd74358>) | Moderate | All | 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Oct 26, 2016
CVE-2017-0402 | [A-32588352](<https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac>) [[2](<https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57>)] | Moderate | All | 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Oct 25, 2016
### Information disclosure vulnerability in HTC input driver
An information disclosure vulnerability in the HTC input driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process.
CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8475 | A-32591129* | Moderate | Pixel, Pixel XL | Oct 30, 2016
* The patch for this issue is not publicly available. The update is contained in the latest binary drivers for Nexus devices available from the [Google Developer site](<https://developers.google.com/android/nexus/drivers>).
### Denial of service vulnerability in kernel file system
A denial of service vulnerability in the kernel file system could enable a local malicious application to cause a device hang or reboot. This issue is rated as Moderate because it is a temporary denial of service that requires a factory reset to fix.
CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2014-9420 | A-32477499 [Upstream kernel](<http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f54e18f1b831c92f6512d2eedb224cd63d607d3d>) | Moderate | Pixel C | Dec 25, 2014
## Common Questions and Answers
This section answers common questions that may occur after reading this bulletin.
**1\. How do I determine if my device is updated to address these issues?**
To learn how to check a device's security patch level, read the instructions on the [Pixel and Nexus update schedule](<https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices>).
* Security patch levels of 2017-01-01 or later address all issues associated with the 2017-01-01 security patch level.
* Security patch levels of 2017-01-05 or later address all issues associated with the 2017-01-05 security patch level and all previous patch levels.
Device manufacturers that include these updates should set the patch string level to:
* [ro.build.version.security_patch]:[2017-01-01]
* [ro.build.version.security_patch]:[2017-01-05]
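An added example (not part of the bulletin): a Python check that classifies devices against this bulletin's two patch levels from the value of `ro.build.version.security_patch`. The `getprop`-style sample output, the device names, and the result labels (`complete`, `partial`, `outdated`, `unknown`) are constructed for illustration.

```python
import re
from datetime import date

# Patch levels defined by this bulletin.
PARTIAL_LEVEL = date(2017, 1, 1)   # addresses the 2017-01-01 issues only
COMPLETE_LEVEL = date(2017, 1, 5)  # addresses 2017-01-01 and 2017-01-05 issues

PATCH_PROP = "ro.build.version.security_patch"

# One property line: "[key]: [value]". The bulletin prints it without the
# space after the colon, so the separator whitespace is optional here.
_PROP_LINE = re.compile(r"^\[(?P<key>[^\]]+)\]:\s*\[(?P<value>[^\]]*)\]$")
_ISO_DATE = re.compile(r"^([0-9]{4})-([0-9]{2})-([0-9]{2})$")


def parse_getprop(text):
    """Return a dict of the properties found in getprop-style output."""
    props = {}
    for line in text.splitlines():
        match = _PROP_LINE.match(line.strip())
        if match:
            props[match.group("key")] = match.group("value")
    return props


def parse_patch_level(value):
    """Parse YYYY-MM-DD strictly; None for a missing or malformed value."""
    if not value:
        return None
    match = _ISO_DATE.match(value.strip())
    if not match:
        return None
    try:
        return date(*(int(part) for part in match.groups()))
    except ValueError:  # well-formed but impossible, e.g. month 13
        return None


def classify(level):
    """Map a patch level date onto this bulletin's two patch levels."""
    if level is None:
        return "unknown"   # cannot be assessed; treat as needing follow-up
    if level >= COMPLETE_LEVEL:
        return "complete"  # all issues in this bulletin are addressed
    if level >= PARTIAL_LEVEL:
        return "partial"   # only the 2017-01-01 issues are addressed
    return "outdated"      # predates both patch levels of this bulletin


def audit_fleet(dumps):
    """Classify every device from its raw property dump."""
    return {
        device: classify(parse_patch_level(parse_getprop(text).get(PATCH_PROP)))
        for device, text in dumps.items()
    }


# Constructed sample property dumps, one per hypothetical device.
SAMPLE_DUMPS = {
    "device-a": "[ro.build.version.release]: [7.1.1]\n"
                "[ro.build.version.security_patch]: [2017-01-05]\n",
    "device-b": "[ro.build.version.security_patch]:[2017-01-01]",
    "device-c": "[ro.build.version.security_patch]: [2016-12-05]",
    "device-d": "[ro.build.version.release]: [5.0.2]",  # property absent
    "device-e": "[ro.build.version.security_patch]: [2017-13-01]",  # bad date
}

if __name__ == "__main__":
    for device, status in sorted(audit_fleet(SAMPLE_DUMPS).items()):
        print(f"{device}: {status}")
```

Devices reported as `partial` still lack the fixes listed under the 2017-01-05 patch level, including the driver and kernel issues in the tables above.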
**2\. Why does this bulletin have two security patch levels?**
This bulletin has two security patch levels so that Android partners have the flexibility to fix a subset of vulnerabilities that are similar across all Android devices more quickly. Android partners are encouraged to fix all issues in this bulletin and use the latest security patch level.
* Devices that use the January 1, 2017 security patch level must include all issues associated with that security patch level, as well as fixes for all issues reported in previous security bulletins.
* Devices that use the security patch level of January 5, 2017 or newer must include all applicable patches in this (and previous) security bulletins.
Partners are encouraged to bundle the fixes for all issues they are addressing in a single update.
**3\. How do I determine which Google devices are affected by each issue?**
In the 2017-01-01 and 2017-01-05 security vulnerability details sections, each table has an _Updated Google devices_ column that covers the range of affected Google devices updated for each issue. This column has a few options:
* **All Google devices**: If an issue affects all Google devices, the table will have "All" in the _Updated Google devices_ column. "All" encapsulates the following [supported devices](<https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices>): Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Nexus Player, Pixel C, Pixel, and Pixel XL.
* **Some Google devices**: If an issue doesn't affect all Google devices, the affected Google devices are listed in the _Updated Google devices_ column.
* **No Google devices**: If no Google devices running the latest available version of Android are affected by the issue, the table will have "None" in the _Updated Google devices_ column.
**4\. What do the entries in the references column map to?**
Entries under the _References_ column of the vulnerability details table may contain a prefix identifying the organization to which the reference value belongs. These prefixes map as follows:
Prefix | Reference
---|---
A- | Android bug ID
QC- | Qualcomm reference number
M- | MediaTek reference number
N- | NVIDIA reference number
B- | Broadcom reference number
## Revisions
* January 03, 2017: Bulletin published.
* January 04, 2017: Bulletin revised to include AOSP links.
* January 05, 2017: Clarified AOSP version number from 7.1 to 7.1.1.
* January 12, 2017: Removed duplicate entry for CVE-2016-8467.
* January 24, 2017: Updated description and severity for CVE-2017-0381.
* February 2, 2017: Updated CVE-2017-0389 with additional patch link.
{"id": "ANDROID:2017-01-01", "vendorId": null, "type": "androidsecurity", "bulletinFamily": "software", "title": "Android Security Bulletin\u2014January 2017", "description": "The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Alongside the bulletin, we have released a security update to Google devices through an over-the-air (OTA) update. The Google device firmware images have also been released to the [Google Developer site](<https://developers.google.com/android/nexus/images>). Security patch levels of January 05, 2017 or later address all of these issues. Refer to the [Pixel and Nexus update schedule](<https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices>) to learn how to check a device's security patch level.\n\nPartners were notified of the issues described in the bulletin on December 05, 2016 or earlier. Source code patches for these issues have been released to the Android Open Source Project (AOSP) repository and linked from this bulletin. This bulletin also includes links to patches outside of AOSP.\n\nThe most severe of these issues is a Critical security vulnerability that could enable remote code execution on an affected device through multiple methods such as email, web browsing, and MMS when processing media files. The severity assessment is based on the effect that exploiting the vulnerability would possibly have on an affected device, assuming the platform and service mitigations are disabled for development purposes or if successfully bypassed.\n\nWe have had no reports of active customer exploitation or abuse of these newly reported issues. 
Refer to the Android and Google service mitigations section for details on the Android security platform protections and service protections such as [SafetyNet](<https://developer.android.com/training/safetynet/index.html>), which improve the security of the Android platform.\n\nWe encourage all customers to accept these updates to their devices.\n\n## Announcements\n\n * This bulletin has two security patch level strings to provide Android partners with the flexibility to more quickly fix a subset of vulnerabilities that are similar across all Android devices. See Common questions and answers for additional information: \n * **2017-01-01**: Partial security patch level string. This security patch level string indicates that all issues associated with 2017-01-01 (and all previous security patch level strings) are addressed.\n * **2017-01-05**: Complete security patch level string. This security patch level string indicates that all issues associated with 2017-01-01 and 2017-01-05 (and all previous security patch level strings) are addressed.\n * Supported Google devices will receive a single OTA update with the January 05, 2017 security patch level.\n\n## Security vulnerability summary\n\nThe tables below contains a list of security vulnerabilities, the Common Vulnerability and Exposures ID (CVE), the assessed severity, and whether or not Google devices are affected. The severity assessment is based on the effect that exploiting the vulnerability would possibly have on an affected device, assuming the platform and service mitigations are disabled for development purposes or if successfully bypassed.\n\n## Android and Google service mitigations\n\nThis is a summary of the mitigations provided by the Android security platform and service protections, such as SafetyNet. 
These capabilities reduce the likelihood that security vulnerabilities could be successfully exploited on Android.\n\n * Exploitation for many issues on Android is made more difficult by enhancements in newer versions of the Android platform. We encourage all users to update to the latest version of Android where possible.\n * The Android Security team actively monitors for abuse with [Verify Apps and SafetyNet](<http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_2015_Report_Final.pdf>), which are designed to warn users about [Potentially Harmful Applications](<http://static.googleusercontent.com/media/source.android.com/en//security/reports/Google_Android_Security_PHA_classifications.pdf>). Verify Apps is enabled by default on devices with [Google Mobile Services](<http://www.android.com/gms>) and is especially important for users who install applications from outside of Google Play. Device rooting tools are prohibited within Google Play, but Verify Apps warns users when they attempt to install a detected rooting application\u2014no matter where it comes from. Additionally, Verify Apps attempts to identify and block installation of known malicious applications that exploit a privilege escalation vulnerability. 
If such an application has already been installed, Verify Apps will notify the user and attempt to remove the detected application.
* As appropriate, Google Hangouts and Messenger applications do not automatically pass media to processes such as Mediaserver.

## Acknowledgements

We would like to thank these researchers for their contributions:

* Alexandru Blanda: CVE-2017-0390
* Daniel Micay of Copperhead Security: CVE-2017-0397
* Daxing Guo ([@freener0](<https://twitter.com/freener0>)) of Xuanwu Lab, Tencent: CVE-2017-0386
* [derrek](<mailto:derrek.haxx@gmail.com>) ([@derrekr6](<https://twitter.com/derrekr6>)): CVE-2017-0392
* Di Shen ([@returnsme](<https://twitter.com/returnsme>)) of KeenLab ([@keen_lab](<https://twitter.com/keen_lab>)), Tencent: CVE-2016-8412, CVE-2016-8444, CVE-2016-8427, CVE-2017-0403
* donfos (Aravind Machiry) of Shellphish Grill Team, UC Santa Barbara: CVE-2016-8448, CVE-2016-8470, CVE-2016-8471, CVE-2016-8472
* En He ([@heeeeen4x](<http://twitter.com/heeeeen4x>)) of [MS509Team](<http://www.ms509.com>): CVE-2017-0394
* Gengjia Chen ([@chengjia4574](<https://twitter.com/chengjia4574>)) and [pjf](<http://weibo.com/jfpan>) of IceSword Lab, Qihoo 360 Technology Co. Ltd.: CVE-2016-8464
* Google WebM Team: CVE-2017-0393
* Guang Gong (龚广) ([@oldfresher](<http://twitter.com/oldfresher>)) of Alpha Team, [Qihoo 360 Technology Co. Ltd.](<http://www.360.com>): CVE-2017-0387
* Hao Chen and Guang Gong of Alpha Team, Qihoo 360 Technology Co. Ltd.: CVE-2016-8415, CVE-2016-8454, CVE-2016-8455, CVE-2016-8456, CVE-2016-8457, CVE-2016-8465
* Jianqiang Zhao ([@jianqiangzhao](<https://twitter.com/jianqiangzhao>)) and [pjf](<http://weibo.com/jfpan>) of IceSword Lab, Qihoo 360: CVE-2016-8475
* Jon Sawyer ([@jcase](<http://twitter.com/jcase>)) and Sean Beaupre ([@firewaterdevs](<https://twitter.com/firewaterdevs>)): CVE-2016-8462
* Jon Sawyer ([@jcase](<http://twitter.com/jcase>)), Sean Beaupre ([@firewaterdevs](<https://twitter.com/firewaterdevs>)), and Ben Actis ([@Ben_RA](<https://twitter.com/ben_ra>)): CVE-2016-8461
* Mingjian Zhou ([@Mingjian_Zhou](<https://twitter.com/Mingjian_Zhou>)), Yuqi Lu ([@nikos233](<https://twitter.com/nikos233__>)), Chiachih Wu ([@chiachih_wu](<https://twitter.com/chiachih_wu>)), and Xuxian Jiang of [C0RE Team](<http://c0reteam.org>): CVE-2017-0383
* Monk Avel: CVE-2017-0396, CVE-2017-0399
* Peter Pi ([@heisecode](<https://twitter.com/heisecode>)) of Trend Micro: CVE-2016-8469, CVE-2016-8424, CVE-2016-8428, CVE-2016-8429, CVE-2016-8460, CVE-2016-8473, CVE-2016-8474
* Qidan He (何淇丹) ([@flanker_hqd](<https://twitter.com/flanker_hqd>)) of KeenLab, Tencent (腾讯科恩实验室): CVE-2017-0382
* Roee Hay and Michael Goberman of IBM Security X-Force: CVE-2016-8467
* Seven Shen ([@lingtongshen](<https://twitter.com/lingtongshen>)) of Trend Micro Mobile Threat Research Team: CVE-2016-8466
* Stephen Morrow: CVE-2017-0389
* V.E.O ([@VYSEa](<https://twitter.com/vysea>)) of Mobile Threat Research Team, [Trend Micro](<http://www.trendmicro.com>): CVE-2017-0381
* Weichao Sun ([@sunblate](<https://twitter.com/sunblate>)) of Alibaba Inc.: CVE-2017-0391
* [Wenke Dou](<mailto:vancouverdou@gmail.com>), Chiachih Wu ([@chiachih_wu](<https://twitter.com/chiachih_wu>)), and Xuxian Jiang of [C0RE Team](<http://c0reteam.org>): CVE-2017-0402, CVE-2017-0398
* [Wenke Dou](<mailto:vancouverdou@gmail.com>), [Hanxiang Wen](<mailto:arnow117@gmail.com>), Chiachih Wu ([@chiachih_wu](<https://twitter.com/chiachih_wu>)), and Xuxian Jiang of [C0RE Team](<http://c0reteam.org>): CVE-2017-0400
* [Wenke Dou](<mailto:vancouverdou@gmail.com>), [Hongli Han](<mailto:hlhan@bupt.edu.cn>), Chiachih Wu ([@chiachih_wu](<https://twitter.com/chiachih_wu>)), and Xuxian Jiang of [C0RE Team](<http://c0reteam.org>): CVE-2017-0384, CVE-2017-0385
* [Wenke Dou](<mailto:vancouverdou@gmail.com>), Yuqi Lu ([@nikos233](<https://twitter.com/nikos233__>)), Chiachih Wu ([@chiachih_wu](<https://twitter.com/chiachih_wu>)), and Xuxian Jiang of [C0RE Team](<http://c0reteam.org>): CVE-2017-0401
* [Yao Jun](<mailto:yaojun8558363@gmail.com>), [Yuan-Tsung Lo](<mailto:computernik@gmail.com>), Chiachih Wu ([@chiachih_wu](<https://twitter.com/chiachih_wu>)), and Xuxian Jiang of [C0RE Team](<http://c0reteam.org>): CVE-2016-8431, CVE-2016-8432, CVE-2016-8435
* Yong Wang (王勇) ([@ThomasKing2014](<https://twitter.com/ThomasKing2014>)) and Jun Cheng of Alibaba Inc.: CVE-2017-0404
* [Yuan-Tsung Lo](<mailto:computernik@gmail.com>), [Tong Lin](<mailto:segfault5514@gmail.com>), Chiachih Wu ([@chiachih_wu](<https://twitter.com/chiachih_wu>)), and Xuxian Jiang of [C0RE Team](<http://c0reteam.org>): CVE-2016-8425, CVE-2016-8426, CVE-2016-8449
* [Yuan-Tsung Lo](<mailto:computernik@gmail.com>), [Yanfeng Wang](<mailto:bigwyfone@gmail.com>), Chiachih Wu ([@chiachih_wu](<https://twitter.com/chiachih_wu>)), and Xuxian Jiang of [C0RE Team](<http://c0reteam.org>): CVE-2016-8430, CVE-2016-8482
* Yuxiang Li ([@Xbalien29](<https://twitter.com/xbalien29>)) of Tencent Security Platform Department: CVE-2017-0395
* Zhanpeng Zhao (行之) ([@0xr0ot](<https://twitter.com/0xr0ot>)) of Security Research Lab, [Cheetah Mobile](<http://www.cmcm.com/>): CVE-2016-8451

We would also like to thank the following researchers for their contributions to this bulletin:

* Baozeng Ding, Chengming Yang, Peng Xiao, Ning You, Yang Dong, Chao Yang, Yi Zhang and Yang Song of Alibaba Mobile Security Group
* Peter Pi ([@heisecode](<https://twitter.com/heisecode>)) of Trend Micro
* Zubin Mithra of Google

## 2017-01-01 security patch level—Vulnerability details

In the sections below, we provide details for each of the security vulnerabilities that apply to the 2017-01-01 patch level. There is a description of the issue, a severity rationale, and a table with the CVE, associated references, severity, updated Google devices, updated AOSP versions (where applicable), and date reported. When available, we will link the public change that addressed the issue to the bug ID, like the AOSP change list. When multiple changes relate to a single bug, additional references are linked to numbers following the bug ID.

### Remote code execution vulnerability in c-ares

A remote code execution vulnerability in c-ares could enable an attacker using a specially crafted request to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses this library.

CVE | References | Severity | Updated Google devices | Updated AOSP versions | Date reported
---|---|---|---|---|---
CVE-2016-5180 | [A-32205736](<https://android.googlesource.com/platform/external/c-ares/+/f4baf84f285bfbdebb89b2fef8a955720f00c677>) | High | All | 7.0 | Sept 29, 2016

### Remote code execution vulnerability in Framesequence

A remote code execution vulnerability in the Framesequence library could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses the Framesequence library.

CVE | References | Severity | Updated Google devices | Updated AOSP versions | Date reported
---|---|---|---|---|---
CVE-2017-0382 | [A-32338390](<https://android.googlesource.com/platform/frameworks/ex/+/7f0e3dab5a892228d8dead7f0221cc9ae82474f7>) | High | All | 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Oct 21, 2016

### Elevation of privilege vulnerability in Framework APIs

An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application.

CVE | References | Severity | Updated Google devices | Updated AOSP versions | Date reported
---|---|---|---|---|---
CVE-2017-0383 | [A-31677614](<https://android.googlesource.com/platform/frameworks/native/+/e5753ba087fa59ee02f6026cc13b1ceb42a1f266>) | High | All | 7.0, 7.1.1 | Sep 21, 2016

### Elevation of privilege vulnerability in Audioserver

An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application.

CVE | References | Severity | Updated Google devices | Updated AOSP versions | Date reported
---|---|---|---|---|---
CVE-2017-0384 | [A-32095626](<https://android.googlesource.com/platform/frameworks/av/+/321ea5257e37c8edb26e66fe4ee78cca4cd915fe>) | High | All | 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Oct 11, 2016
CVE-2017-0385 | [A-32585400](<https://android.googlesource.com/platform/hardware/qcom/audio/+/ed79f2cc961d7d35fdbbafdd235c1436bcd74358>) | High | All | 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Oct 11, 2016

### Elevation of privilege vulnerability in libnl

An elevation of privilege vulnerability in the libnl library could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application.

CVE | References | Severity | Updated Google devices | Updated AOSP versions | Date reported
---|---|---|---|---|---
CVE-2017-0386 | [A-32255299](<https://android.googlesource.com/platform/external/libnl/+/f0b40192efd1af977564ed6335d42a8bbdaf650a>) | High | All | 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Oct 18, 2016

### Elevation of privilege vulnerability in Mediaserver

An elevation of privilege vulnerability in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application.

CVE | References | Severity | Updated Google devices | Updated AOSP versions | Date reported
---|---|---|---|---|---
CVE-2017-0387 | [A-32660278](<https://android.googlesource.com/platform/frameworks/native/+/675e212c8c6653825cc3352c603caf2e40b00f9f>) | High | All | 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Nov 4, 2016

### Information disclosure vulnerability in External Storage Provider

An information disclosure vulnerability in the External Storage Provider could enable a local secondary user to read data from an external storage SD card inserted by the primary user. This issue is rated as High because it could be used to access data without permission.

CVE | References | Severity | Updated Google devices | Updated AOSP versions | Date reported
---|---|---|---|---|---
CVE-2017-0388 | [A-32523490](<https://android.googlesource.com/platform/frameworks/base/+/47e62b7fe6807a274ba760a8fecfd624fe792da9>) | High | All | 6.0, 6.0.1, 7.0, 7.1.1 | Google internal

### Denial of service vulnerability in core networking

A denial of service vulnerability in core networking could enable a remote attacker to use a specially crafted network packet to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service.

CVE | References | Severity | Updated Google devices | Updated AOSP versions | Date reported
---|---|---|---|---|---
CVE-2017-0389 | [A-31850211](<https://android.googlesource.com/platform/frameworks/base/+/a014b6be3c7c6fb5cf9352a05baf84fca7a133c7>) [[2](<https://android.googlesource.com/platform/frameworks/base/+/47e81a2596b00ee7aaca58716ff164a1708b0b29>)] [[3](<https://android.googlesource.com/platform/frameworks/base/+/006e0613016c1a0e0627f992f5a93a7b7198edba>)] | High | All | 6.0, 6.0.1, 7.0, 7.1.1 | Jul 20, 2016

### Denial of service vulnerability in Mediaserver

A denial of service vulnerability in Mediaserver could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service.

CVE | References | Severity | Updated Google devices | Updated AOSP versions | Date reported
---|---|---|---|---|---
CVE-2017-0390 | [A-31647370](<https://android.googlesource.com/platform/external/tremolo/+/5dc99237d49e73c27d3eca54f6ccd97d13f94de0>) | High | All | 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Sep 19, 2016
CVE-2017-0391 | [A-32322258](<https://android.googlesource.com/platform/external/libhevc/+/a33f6725d7e9f92330f995ce2dcf4faa33f6433f>) | High | All | 6.0, 6.0.1, 7.0, 7.1.1 | Oct 20, 2016
CVE-2017-0392 | [A-32577290](<https://android.googlesource.com/platform/frameworks/av/+/453b351ac5bd2b6619925dc966da60adf6b3126c>) | High | All | 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Oct 29, 2016
CVE-2017-0393 | [A-30436808](<https://android.googlesource.com/platform/external/libvpx/+/6886e8e0a9db2dbad723dc37a548233e004b33bc>) | High | All | 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Google internal

### Denial of service vulnerability in Telephony

A denial of service vulnerability in Telephony could enable a remote attacker to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service.

CVE | References | Severity | Updated Google devices | Updated AOSP versions | Date reported
---|---|---|---|---|---
CVE-2017-0394 | [A-31752213](<https://android.googlesource.com/platform/packages/services/Telephony/+/1cdced590675ce526c91c6f8983ceabb8038f58d>) | High | All | 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Sep 23, 2016

### Elevation of privilege vulnerability in Contacts

An elevation of privilege vulnerability in Contacts could enable a local malicious application to silently create contact information. This issue is rated as Moderate because it is a local bypass of user interaction requirements (access to functionality that would normally require either user initiation or user permission).

CVE | References | Severity | Updated Google devices | Updated AOSP versions | Date reported
---|---|---|---|---|---
CVE-2017-0395 | [A-32219099](<https://android.googlesource.com/platform/packages/apps/ContactsCommon/+/d47661ad82d402c1e0c90eb83970687d784add1b>) | Moderate | All | 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Oct 15, 2016

### Information disclosure vulnerability in Mediaserver

An information disclosure vulnerability in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission.

CVE | References | Severity | Updated Google devices | Updated AOSP versions | Date reported
---|---|---|---|---|---
CVE-2017-0381 | [A-31607432](<https://android.googlesource.com/platform/external/libopus/+/0d052d64480a30e83fcdda80f4774624e044beb7>) | Moderate | All | 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Sep 18, 2016
CVE-2017-0396 | [A-31781965](<https://android.googlesource.com/platform/frameworks/av/+/557bd7bfe6c4895faee09e46fc9b5304a956c8b7>) | Moderate | All | 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Sep 27, 2016
CVE-2017-0397 | [A-32377688](<https://android.googlesource.com/platform/frameworks/av/+/7a3246b870ddd11861eda2ab458b11d723c7f62c>) | Moderate | All | 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Oct 21, 2016

### Information disclosure vulnerability in Audioserver

An information disclosure vulnerability in Audioserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission.

CVE | References | Severity | Updated Google devices | Updated AOSP versions | Date reported
---|---|---|---|---|---
CVE-2017-0398 | [A-32438594](<https://android.googlesource.com/platform/frameworks/av/+/26965db50a617f69bdefca0d7533796c80374f2c>) | Moderate | All | 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Oct 25, 2016
CVE-2017-0398 | [A-32635664](<https://android.googlesource.com/platform/frameworks/av/+/26965db50a617f69bdefca0d7533796c80374f2c>) | Moderate | All | 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Oct 25, 2016
CVE-2017-0398 | [A-32624850](<https://android.googlesource.com/platform/frameworks/av/+/26965db50a617f69bdefca0d7533796c80374f2c>) | Moderate | All | 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Oct 25, 2016
CVE-2017-0399 | [A-32247948](<https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac>) [[2](<https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57>)] | Moderate | All | 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Oct 18, 2016
CVE-2017-0400 | [A-32584034](<https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac>) [[2](<https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57>)] | Moderate | All | 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Oct 25, 2016
CVE-2017-0401 | [A-32448258](<https://android.googlesource.com/platform/frameworks/av/+/321ea5257e37c8edb26e66fe4ee78cca4cd915fe>) | Moderate | All | 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Oct 26, 2016
CVE-2017-0402 | [A-32436341](<https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac>) [[2](<https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57>)] | Moderate | All | 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Oct 25, 2016

## 2017-01-05 security patch level—Vulnerability details

In the sections below, we provide details for each of the security vulnerabilities that apply to the 2017-01-05 patch level. There is a description of the issue, a severity rationale, and a table with the CVE, associated references, severity, updated Google devices, updated AOSP versions (where applicable), and date reported. When available, we will link the public change that addressed the issue to the bug ID, like the AOSP change list. When multiple changes relate to a single bug, additional references are linked to numbers following the bug ID.

### Elevation of privilege vulnerability in kernel memory subsystem

An elevation of privilege vulnerability in the kernel memory subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device.

CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2015-3288 | A-32460277 [Upstream kernel](<http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6b7339f4c31ad69c8e9c0b2859276e22cf72176d>) | Critical | Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel C, Nexus Player, Pixel, Pixel XL | Jul 9, 2015

### Elevation of privilege vulnerability in Qualcomm bootloader

An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device.

CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8422 | A-31471220 [QC-CR#979426](<https://source.codeaurora.org/quic/la//kernel/lk/commit/?id=d6639f0a77f8ebfc1e05f3acdf12d5588e7e6213>) | Critical | Nexus 6, Nexus 6P, Pixel, Pixel XL | Jul 22, 2016
CVE-2016-8423 | A-31399736 [QC-CR#1000546](<https://source.codeaurora.org/quic/la//kernel/lk/commit/?id=98db6cc526fa1677da05d54785937540cdc84867>) | Critical | Nexus 6P, Pixel, Pixel XL | Aug 24, 2016

### Elevation of privilege vulnerability in kernel file system

An elevation of privilege vulnerability in the kernel file system could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device.

CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2015-5706 | A-32289301 [Upstream kernel](<http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f15133df088ecadd141ea1907f2c96df67c729f0>) | Critical | None* | Aug 1, 2016

* Supported Google devices on Android 7.0 or later that have installed all available updates are not affected by this vulnerability.

### Elevation of privilege vulnerability in NVIDIA GPU driver

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device.

CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8424 | A-31606947* N-CVE-2016-8424 | Critical | Nexus 9 | Sep 17, 2016
CVE-2016-8425 | A-31797770* N-CVE-2016-8425 | Critical | Nexus 9 | Sep 28, 2016
CVE-2016-8426 | A-31799206* N-CVE-2016-8426 | Critical | Nexus 9 | Sep 28, 2016
CVE-2016-8482 | A-31799863* N-CVE-2016-8482 | Critical | Nexus 9 | Sep 28, 2016
CVE-2016-8427 | A-31799885* N-CVE-2016-8427 | Critical | Nexus 9 | Sep 28, 2016
CVE-2016-8428 | A-31993456* N-CVE-2016-8428 | Critical | Nexus 9 | Oct 6, 2016
CVE-2016-8429 | A-32160775* N-CVE-2016-8429 | Critical | Nexus 9 | Oct 13, 2016
CVE-2016-8430 | A-32225180* N-CVE-2016-8430 | Critical | Nexus 9 | Oct 17, 2016
CVE-2016-8431 | A-32402179* N-CVE-2016-8431 | Critical | Pixel C | Oct 25, 2016
CVE-2016-8432 | A-32447738* N-CVE-2016-8432 | Critical | Pixel C | Oct 26, 2016

* The patch for this issue is not publicly available. The update is contained in the latest binary drivers for Nexus devices available from the [Google Developer site](<https://developers.google.com/android/nexus/drivers>).

### Elevation of privilege vulnerability in MediaTek driver

An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device.

CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8433 | A-31750190* MT-ALPS02974192 | Critical | None** | Sep 24, 2016

* The patch for this issue is not publicly available. The update is contained in the latest binary drivers for Nexus devices available from the [Google Developer site](<https://developers.google.com/android/nexus/drivers>).

** Supported Google devices on Android 7.0 or later that have installed all available updates are not affected by this vulnerability.

### Elevation of privilege vulnerability in Qualcomm GPU driver

An elevation of privilege vulnerability in the Qualcomm GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device.

CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8434 | A-32125137 [QC-CR#1081855](<https://source.codeaurora.org/quic/la/kernel/msm-3.14/commit/?id=3e3866a5fced40ccf9ca442675cf915961efe4d9>) | Critical | Nexus 5X, Nexus 6, Nexus 6P, Android One | Oct 12, 2016

### Elevation of privilege vulnerability in NVIDIA GPU driver

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device.

CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8435 | A-32700935* N-CVE-2016-8435 | Critical | Pixel C | Nov 7, 2016

* The patch for this issue is not publicly available. The update is contained in the latest binary drivers for Nexus devices available from the [Google Developer site](<https://developers.google.com/android/nexus/drivers>).

### Elevation of privilege vulnerability in Qualcomm video driver

An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device.

CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8436 | A-32450261 [QC-CR#1007860](<https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=228e8d17b9f5d22cf9896ab8eff88dc6737c2ced>) | Critical | None* | Oct 13, 2016

* Supported Google devices on Android 7.0 or later that have installed all available updates are not affected by this vulnerability.

### Vulnerabilities in Qualcomm components

The following vulnerabilities affect Qualcomm components and are described in further detail in Qualcomm AMSS November 2015, August 2016, September 2016, and October 2016 security bulletins.

CVE | References | Severity* | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8438 | A-31624565** | Critical | None*** | Qualcomm internal
CVE-2016-8442 | A-31625910** | Critical | None*** | Qualcomm internal
CVE-2016-8443 | A-32576499** | Critical | None*** | Qualcomm internal
CVE-2016-8437 | A-31623057** | High | None*** | Qualcomm internal
CVE-2016-8439 | A-31625204** | High | None*** | Qualcomm internal
CVE-2016-8440 | A-31625306** | High | None*** | Qualcomm internal
CVE-2016-8441 | A-31625904** | High | None*** | Qualcomm internal
CVE-2016-8398 | A-31548486** | High | Nexus 5X, Nexus 6, Nexus 6P, Android One | Qualcomm internal
CVE-2016-8459 | A-32577972** | High | None*** | Qualcomm internal
CVE-2016-5080 | A-31115235** | Moderate | Nexus 5X | Qualcomm internal

* The severity rating for these vulnerabilities was determined by the vendor.

** The patch for this issue is not publicly available. The update is contained in the latest binary drivers for Nexus devices available from the [Google Developer site](<https://developers.google.com/android/nexus/drivers>).

*** Supported Google devices on Android 7.0 or later that have installed all available updates are not affected by this vulnerability.

### Elevation of privilege vulnerability in Qualcomm camera

An elevation of privilege vulnerability in the Qualcomm camera could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process.

CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8412 | A-31225246 [QC-CR#1071891](<https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=42a98c44669d92dafcf4d6336bdccaeb2db12786>) | High | Nexus 5X, Nexus 6, Nexus 6P, Android One, Pixel, Pixel XL | Aug 26, 2016
CVE-2016-8444 | A-31243641* QC-CR#1074310 | High | Nexus 5X, Nexus 6, Nexus 6P | Aug 26, 2016

* The patch for this issue is not publicly available. The update is contained in the latest binary drivers for Nexus devices available from the [Google Developer site](<https://developers.google.com/android/nexus/drivers>).

### Elevation of privilege vulnerability in MediaTek components

An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process.

CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8445 | A-31747590* MT-ALPS02968983 | High | None** | Sep 25, 2016
CVE-2016-8446 | A-31747749* MT-ALPS02968909 | High | None** | Sep 25, 2016
CVE-2016-8447 | A-31749463* MT-ALPS02968886 | High | None** | Sep 25, 2016
CVE-2016-8448 | A-31791148* MT-ALPS02982181 | High | None** | Sep 28, 2016

* The patch for this issue is not publicly available. The update is contained in the latest binary drivers for Nexus devices available from the [Google Developer site](<https://developers.google.com/android/nexus/drivers>).

** Supported Google devices on Android 7.0 or later that have installed all available updates are not affected by this vulnerability.

### Elevation of privilege vulnerability in Qualcomm Wi-Fi driver

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process.

CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8415 | A-31750554 [QC-CR#1079596](<https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=188e12a816508b11771f362c852782ec9a6f9394>) | High | Nexus 5X, Pixel, Pixel XL | Sep 26, 2016

### Elevation of privilege vulnerability in NVIDIA GPU driver

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process.

CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8449 | A-31798848* N-CVE-2016-8449 | High | Nexus 9 | Sep 28, 2016

* The patch for this issue is not publicly available. The update is contained in the latest binary drivers for Nexus devices available from the [Google Developer site](<https://developers.google.com/android/nexus/drivers>).

### Elevation of privilege vulnerability in Qualcomm sound driver

An elevation of privilege vulnerability in the Qualcomm sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process.

CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8450 | A-32450563 [QC-CR#880388](<https://source.codeaurora.org/quic/la//kernel/msm-3.18/commit/?id=e909d159ad1998ada853ed35be27c7b6ba241bdb>) | High | Nexus 5X, Nexus 6, Nexus 6P, Android One | Oct 13, 2016

### Elevation of privilege vulnerability in Synaptics touchscreen driver

An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process.

CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8451 | A-32178033* | High | None** | Oct 13, 2016

* The patch for this issue is not publicly available. The update is contained in the latest binary drivers for Nexus devices available from the [Google Developer site](<https://developers.google.com/android/nexus/drivers>).

** Supported Google devices on Android 7.0 or later that have installed all available updates are not affected by this vulnerability.

### Elevation of privilege vulnerability in kernel security subsystem

An elevation of privilege vulnerability in the kernel security subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process.

CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-7042 | A-32178986 [Upstream kernel](<http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=03dab869b7b239c4e013ec82aea22e181e441cfc>) | High | Pixel C | Oct 14, 2016

### Elevation of privilege vulnerability in kernel performance subsystem

An elevation of privilege vulnerability in the kernel performance subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process.

CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2017-0403 | A-32402548* | High | Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus Player, Pixel, Pixel XL | Oct 25, 2016

* The patch for this issue is not publicly available. The update is contained in the latest binary drivers for Nexus devices available from the [Google Developer site](<https://developers.google.com/android/nexus/drivers>).

### Elevation of privilege vulnerability in kernel sound subsystem

An elevation of privilege vulnerability in the kernel sound subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process.

CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2017-0404 | A-32510733* | High | Nexus 5X, Nexus 6P, Nexus 9, Pixel C, Nexus Player, Pixel, Pixel XL | Oct 27, 2016

* The patch for this issue is not publicly available. The update is contained in the latest binary drivers for Nexus devices available from the [Google Developer site](<https://developers.google.com/android/nexus/drivers>).

### Elevation of privilege vulnerability in Qualcomm Wi-Fi driver

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process.

CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8452 | A-32506396 [QC-CR#1050323](<https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=39fa8e972fa1b10dc68a066f4f9432753d8a2526>) | High | Nexus 5X, Android One, Pixel, Pixel XL | Oct 28, 2016

### Elevation of privilege vulnerability in Qualcomm radio driver

An elevation of privilege vulnerability in the Qualcomm radio driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process.

CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-5345 | A-32639452 [QC-CR#1079713](<https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=67118716a2933f6f30a25ea7e3946569a8b191c6>) | High | Android One | Nov 3, 2016

### Elevation of privilege vulnerability in kernel profiling subsystem

An elevation of privilege vulnerability in the kernel profiling subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process.

CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-9754 | A-32659848 [Upstream kernel](<http://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=59643d1535eb220668692a5359de22545af579f6>) | High | Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Pixel C, Nexus Player | Nov 4, 2016

### Elevation of privilege vulnerability in Broadcom Wi-Fi driver

An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process.

CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8453 | A-24739315* B-RB#73392 | High | Nexus 6 | Google internal
CVE-2016-8454 | A-32174590* B-RB#107142 | High | Nexus 6, Nexus 6P, Nexus 9, Pixel C, Nexus Player | Oct 14, 2016
CVE-2016-8455 | A-32219121* B-RB#106311 | High | Nexus 6P | Oct 15, 2016
CVE-2016-8456 | A-32219255* B-RB#105580 | High | Nexus 6, Nexus 6P, Nexus 9, Pixel C, Nexus Player | Oct 15, 2016
CVE-2016-8457 | A-32219453* B-RB#106116 | High | Nexus 6, Nexus 6P, Nexus 9, Pixel C | Oct 15, 2016

* The patch for this issue is not publicly available. The update is contained in the latest binary drivers for Nexus devices available from the [Google Developer site](<https://developers.google.com/android/nexus/drivers>).

### Elevation of privilege vulnerability in Synaptics touchscreen driver

An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process.

CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8458 | A-31968442* | High | Nexus 5X, Nexus 6P, Nexus 9, Android One, Pixel, Pixel XL | Google internal

* The patch for this issue is not publicly available. The update is contained in the latest binary drivers for Nexus devices available from the [Google Developer site](<https://developers.google.com/android/nexus/drivers>).

### Information disclosure vulnerability in NVIDIA video driver

An information disclosure vulnerability in the NVIDIA video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission.

CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8460 | A-31668540* N-CVE-2016-8460 | High | Nexus 9 | Sep 21, 2016

* The patch for this issue is not publicly available. The update is contained in the latest binary drivers for Nexus devices available from the [Google Developer site](<https://developers.google.com/android/nexus/drivers>).

### Information disclosure vulnerability in bootloader

An information disclosure vulnerability in the bootloader could enable a local attacker to access data outside of its permission level. This issue is rated as High because it could be used to access sensitive data.

CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8461 | A-32369621* | High | Nexus 9, Pixel, Pixel XL | Oct 21, 2016
CVE-2016-8462 | A-32510383* | High | Pixel, Pixel XL | Oct 27, 2016

* The patch for this issue is not publicly available. The update is contained in the latest binary drivers for Nexus devices available from the [Google Developer site](<https://developers.google.com/android/nexus/drivers>).

### Denial of service vulnerability in Qualcomm FUSE file system

A denial of service vulnerability in the Qualcomm FUSE file system could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service.

CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8463 | A-30786860 [QC-CR#586855](<https://source.codeaurora.org/quic/la/kernel/msm-3.10/commit/?id=cd0fa86de6ca1d40c0a93d86d1c0f7846e8a9a10>) | High | None* | Jan 03, 2014

* Supported Google devices on Android 7.0 or later that have installed all available updates are not affected by this vulnerability.

### Denial of service vulnerability in bootloader

A denial of service vulnerability in the bootloader could enable an attacker to cause a local permanent denial of service, which may require reflashing the operating system to repair the device. This issue is rated as High due to the possibility of local permanent denial of service.

CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8467 | A-30308784* | High | Nexus 6, Nexus 6P | Jun 29, 2016

* The patch for this issue is not publicly available. The update is contained in the latest binary drivers for Nexus devices available from the [Google Developer site](<https://developers.google.com/android/nexus/drivers>).

### Elevation of privilege vulnerability in Broadcom Wi-Fi driver

An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurations.

CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8464 | A-29000183* B-RB#106314 | Moderate | Nexus 6, Nexus 6P, Nexus 9, Pixel C, Nexus Player | May 26, 2016
CVE-2016-8466 | A-31822524* B-RB#105268 | Moderate | Nexus 6, Nexus 6P, Nexus 9, Pixel C, Nexus Player | Sep 28, 2016
CVE-2016-8465 | A-32474971* B-RB#106053 | Moderate | Nexus 6, Nexus 6P, Nexus 9, Pixel C, Nexus Player | Oct 27, 2016

* The patch for this issue is not publicly available. The update is contained in the latest binary drivers for Nexus devices available from the [Google Developer site](<https://developers.google.com/android/nexus/drivers>).

### Elevation of privilege vulnerability in Binder

An elevation of privilege vulnerability in Binder could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurations.

CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8468 | A-32394425* | Moderate | Pixel C, Pixel, Pixel XL | Google internal

* The patch for this issue is not publicly available. The update is contained in the latest binary drivers for Nexus devices available from the [Google Developer site](<https://developers.google.com/android/nexus/drivers>).

### Information disclosure vulnerability in NVIDIA camera driver

An information disclosure vulnerability in the camera driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process.

CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8469 | A-31351206* N-CVE-2016-8469 | Moderate | Nexus 9 | Sep 7, 2016

* The patch for this issue is not publicly available. The update is contained in the latest binary drivers for Nexus devices available from the [Google Developer site](<https://developers.google.com/android/nexus/drivers>).

### Information disclosure vulnerability in MediaTek driver

An information disclosure vulnerability in the MediaTek driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process.

CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8470 | A-31528889* MT-ALPS02961395 | Moderate | None** | Sep 15, 2016
CVE-2016-8471 | A-31528890* MT-ALPS02961380 | Moderate | None** | Sep 15, 2016
CVE-2016-8472 | A-31531758* MT-ALPS02961384 | Moderate | None** | Sep 15, 2016

* The patch for this issue is not publicly available. The update is contained in the latest binary drivers for Nexus devices available from the [Google Developer site](<https://developers.google.com/android/nexus/drivers>).

** Supported Google devices on Android 7.0 or later that have installed all available updates are not affected by this vulnerability.

### Information disclosure vulnerability in STMicroelectronics driver

An information disclosure vulnerability in the STMicroelectronics driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process.

CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8473 | A-31795790* | Moderate | Nexus 5X, Nexus 6P | Sep 28, 2016
CVE-2016-8474 | A-31799972* | Moderate | Nexus 5X, Nexus 6P | Sep 28, 2016

* The patch for this issue is not publicly available. The update is contained in the latest binary drivers for Nexus devices available from the [Google Developer site](<https://developers.google.com/android/nexus/drivers>).

### Information disclosure vulnerability in Qualcomm audio post processor

An information disclosure vulnerability in the Qualcomm audio post processor could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission.

CVE | References | Severity | Updated Google devices | Updated AOSP versions | Date reported
---|---|---|---|---|---
CVE-2017-0399 | [A-32588756](<https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac>) [[2](<https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57>)] | Moderate | All | 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Oct 18, 2016
CVE-2017-0400 | [A-32438598](<https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac>) [[2](<https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57>)] | Moderate | All | 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Oct 25, 2016
CVE-2017-0401 | [A-32588016](<https://android.googlesource.com/platform/hardware/qcom/audio/+/ed79f2cc961d7d35fdbbafdd235c1436bcd74358>) | Moderate | All | 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Oct 26, 2016
CVE-2017-0402 | [A-32588352](<https://android.googlesource.com/platform/frameworks/av/+/c66c43ad571ed2590dcd55a762c73c90d9744bac>) [[2](<https://android.googlesource.com/platform/hardware/qcom/audio/+/d72ea85c78a1a68bf99fd5804ad9784b4102fe57>)] | Moderate | All | 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1 | Oct 25, 2016

### Information disclosure vulnerability in HTC input driver

An information disclosure vulnerability in the HTC input driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process.

CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2016-8475 | A-32591129* | Moderate | Pixel, Pixel XL | Oct 30, 2016

* The patch for this issue is not publicly available. The update is contained in the latest binary drivers for Nexus devices available from the [Google Developer site](<https://developers.google.com/android/nexus/drivers>).

### Denial of service vulnerability in kernel file system

A denial of service vulnerability in the kernel file system could enable a local malicious application to cause a device hang or reboot. This issue is rated as Moderate because it is a temporary denial of service that requires a factory reset to fix.

CVE | References | Severity | Updated Google devices | Date reported
---|---|---|---|---
CVE-2014-9420 | A-32477499 [Upstream kernel](<http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f54e18f1b831c92f6512d2eedb224cd63d607d3d>) | Moderate | Pixel C | Dec 25, 2014

## Common Questions and Answers

This section answers common questions that may occur after reading this bulletin.

**1. How do I determine if my device is updated to address these issues?**

To learn how to check a device's security patch level, read the instructions on the [Pixel and Nexus update schedule](<https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices>).

* Security patch levels of 2017-01-01 or later address all issues associated with the 2017-01-01 security patch level.
* Security patch levels of 2017-01-05 or later address all issues associated with the 2017-01-05 security patch level and all previous patch levels.

Device manufacturers that include these updates should set the patch string level to:

* [ro.build.version.security_patch]:[2017-01-01]
* [ro.build.version.security_patch]:[2017-01-05]

**2. Why does this bulletin have two security patch levels?**

This bulletin has two security patch levels so that Android partners have the flexibility to fix a subset of vulnerabilities that are similar across all Android devices more quickly. Android partners are encouraged to fix all issues in this bulletin and use the latest security patch level.

* Devices that use the January 1, 2017 security patch level must include all issues associated with that security patch level, as well as fixes for all issues reported in previous security bulletins.
* Devices that use the security patch level of January 5, 2017 or newer must include all applicable patches in this (and previous) security bulletins.

Partners are encouraged to bundle the fixes for all issues they are addressing in a single update.

**3. How do I determine which Google devices are affected by each issue?**

In the 2017-01-01 and 2017-01-05 security vulnerability details sections, each table has an _Updated Google devices_ column that covers the range of affected Google devices updated for each issue. This column has a few options:

* **All Google devices**: If an issue affects All and Pixel devices, the table will have "All" in the _Updated Google devices_ column. "All" encapsulates the following [supported devices](<https://support.google.com/pixelphone/answer/4457705#pixel_phones&nexus_devices>): Nexus 5X, Nexus 6, Nexus 6P, Nexus 9, Android One, Nexus Player, Pixel C, Pixel, and Pixel XL.
* **Some Google devices**: If an issue doesn't affect all Google devices, the affected Google devices are listed in the _Updated Google devices_ column.
* **No Google devices**: If no Google devices running the latest available version of Android are affected by the issue, the table will have "None" in the _Updated Google devices_ column.

**4. What do the entries in the references column map to?**

Entries under the _References_ column of the vulnerability details table may contain a prefix identifying the organization to which the reference value belongs. These prefixes map as follows:

Prefix | Reference
---|---
A- | Android bug ID
QC- | Qualcomm reference number
M- | MediaTek reference number
N- | NVIDIA reference number
B- | Broadcom reference number

## Revisions

* January 03, 2017: Bulletin published.
* January 04, 2017: Bulletin revised to include AOSP links.
* January 05, 2017: Clarified AOSP version number from 7.1 to 7.1.1.
* January 12, 2017: Removed duplicate entry for CVE-2016-8467.
* January 24, 2017: Updated description and severity for CVE-2017-0381.
* February 2, 2017: Updated CVE-2017-0389 with additional patch link.

Record metadata:

* Published: 2017-01-03. Modified: 2017-02-02.
* Source: https://source.android.com/docs/security/bulletin/2017-01-01 (reporter: Android Open Source Project).
* CVSS v2: base score 10.0, vector AV:N/AC:L/Au:N/C:C/I:C/A:C, severity HIGH (exploitability score 10.0, impact score 10.0).
* CVSS v3.0: base score 9.8, vector CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H, base severity CRITICAL (exploitability score 3.9, impact score 5.9).
"redhatcve", "idList": ["RH:CVE-2017-0381", "RH:CVE-2017-0386", "RH:CVE-2017-0393", "RH:CVE-2017-0403", "RH:CVE-2017-0404"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:14579"]}, {"type": "seebug", "idList": ["SSV:92803", "SSV:92874", "SSV:93103", "SSV:93140"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2017:0510-1", "SUSE-SU-2017:0436-1"]}, {"type": "threatpost", "idList": ["THREATPOST:64D38F6418BD506C1B880D6E79D93D81", "THREATPOST:AA5A156F9AAE63DEC363D924F7ABEF36"]}, {"type": "ubuntu", "idList": ["USN-2664-1", "USN-3422-2"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2015-3288", "UB:CVE-2016-8467", "UB:CVE-2016-9754", "UB:CVE-2017-0381", "UB:CVE-2017-0387", "UB:CVE-2017-0390", "UB:CVE-2017-0391", "UB:CVE-2017-0392", "UB:CVE-2017-0393", "UB:CVE-2017-0396", "UB:CVE-2017-0397"]}, {"type": "virtuozzo", "idList": ["VZA-2017-025"]}]}, "exploitation": null, "affected_software": {"major_version": []}, "epss": [{"cve": "CVE-2014-9420", "epss": "0.000440000", "percentile": "0.081930000", "modified": "2023-03-17"}, {"cve": "CVE-2015-3288", "epss": "0.000420000", "percentile": "0.056410000", "modified": "2023-03-17"}, {"cve": "CVE-2015-5706", "epss": "0.000420000", "percentile": "0.056410000", "modified": "2023-03-17"}, {"cve": "CVE-2016-5080", "epss": "0.007000000", "percentile": "0.772340000", "modified": "2023-03-17"}, {"cve": "CVE-2016-5180", "epss": "0.068950000", "percentile": "0.927970000", "modified": "2023-03-17"}, {"cve": "CVE-2016-5345", "epss": "0.000420000", "percentile": "0.056410000", "modified": "2023-03-17"}, {"cve": "CVE-2016-7042", "epss": "0.001220000", "percentile": "0.448640000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8398", "epss": "0.002440000", "percentile": "0.606330000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8412", "epss": "0.000710000", "percentile": "0.287410000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8415", "epss": "0.000710000", "percentile": "0.287410000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8422", 
"epss": "0.000570000", "percentile": "0.216660000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8423", "epss": "0.000570000", "percentile": "0.216660000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8424", "epss": "0.001670000", "percentile": "0.516670000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8425", "epss": "0.001670000", "percentile": "0.516670000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8426", "epss": "0.001670000", "percentile": "0.516670000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8427", "epss": "0.001670000", "percentile": "0.516670000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8428", "epss": "0.001670000", "percentile": "0.516670000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8429", "epss": "0.001670000", "percentile": "0.516670000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8430", "epss": "0.001670000", "percentile": "0.516670000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8431", "epss": "0.000710000", "percentile": "0.287410000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8432", "epss": "0.000710000", "percentile": "0.287410000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8433", "epss": "0.000570000", "percentile": "0.216660000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8434", "epss": "0.000710000", "percentile": "0.287410000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8435", "epss": "0.000710000", "percentile": "0.287410000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8436", "epss": "0.000470000", "percentile": "0.144370000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8437", "epss": "0.002890000", "percentile": "0.640940000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8438", "epss": "0.002440000", "percentile": "0.606330000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8439", "epss": "0.002890000", "percentile": "0.640940000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8440", "epss": "0.002200000", "percentile": "0.581890000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8441", "epss": "0.000440000", 
"percentile": "0.102230000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8442", "epss": "0.000440000", "percentile": "0.102230000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8443", "epss": "0.000440000", "percentile": "0.102230000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8444", "epss": "0.000600000", "percentile": "0.231270000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8445", "epss": "0.000660000", "percentile": "0.268740000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8446", "epss": "0.000570000", "percentile": "0.216660000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8447", "epss": "0.000570000", "percentile": "0.216660000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8448", "epss": "0.000570000", "percentile": "0.216660000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8449", "epss": "0.001670000", "percentile": "0.516670000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8450", "epss": "0.000710000", "percentile": "0.287410000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8451", "epss": "0.000740000", "percentile": "0.300330000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8452", "epss": "0.000710000", "percentile": "0.287410000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8453", "epss": "0.000710000", "percentile": "0.287410000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8454", "epss": "0.000710000", "percentile": "0.287410000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8455", "epss": "0.000600000", "percentile": "0.231270000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8456", "epss": "0.000600000", "percentile": "0.231270000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8457", "epss": "0.000600000", "percentile": "0.231270000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8458", "epss": "0.000600000", "percentile": "0.231270000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8459", "epss": "0.002440000", "percentile": "0.606330000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8460", "epss": "0.000690000", "percentile": 
"0.281550000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8461", "epss": "0.000420000", "percentile": "0.056410000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8462", "epss": "0.000420000", "percentile": "0.056410000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8463", "epss": "0.001580000", "percentile": "0.506350000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8464", "epss": "0.000710000", "percentile": "0.287410000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8465", "epss": "0.001670000", "percentile": "0.516670000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8466", "epss": "0.000710000", "percentile": "0.287410000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8467", "epss": "0.000420000", "percentile": "0.056410000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8468", "epss": "0.000710000", "percentile": "0.287410000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8469", "epss": "0.000690000", "percentile": "0.281550000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8470", "epss": "0.000540000", "percentile": "0.197720000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8471", "epss": "0.000540000", "percentile": "0.197720000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8472", "epss": "0.000540000", "percentile": "0.197720000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8473", "epss": "0.000690000", "percentile": "0.281550000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8474", "epss": "0.000690000", "percentile": "0.281550000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8475", "epss": "0.000690000", "percentile": "0.281550000", "modified": "2023-03-17"}, {"cve": "CVE-2016-8482", "epss": "0.000440000", "percentile": "0.102230000", "modified": "2023-03-17"}, {"cve": "CVE-2016-9754", "epss": "0.000420000", "percentile": "0.056410000", "modified": "2023-03-17"}, {"cve": "CVE-2017-0381", "epss": "0.001620000", "percentile": "0.510730000", "modified": "2023-03-17"}, {"cve": "CVE-2017-0382", "epss": "0.001080000", "percentile": "0.421020000", 
"modified": "2023-03-17"}, {"cve": "CVE-2017-0383", "epss": "0.000660000", "percentile": "0.268740000", "modified": "2023-03-17"}, {"cve": "CVE-2017-0384", "epss": "0.001400000", "percentile": "0.480460000", "modified": "2023-03-17"}, {"cve": "CVE-2017-0385", "epss": "0.000660000", "percentile": "0.268740000", "modified": "2023-03-17"}, {"cve": "CVE-2017-0386", "epss": "0.000660000", "percentile": "0.268740000", "modified": "2023-03-17"}, {"cve": "CVE-2017-0387", "epss": "0.000660000", "percentile": "0.268740000", "modified": "2023-03-17"}, {"cve": "CVE-2017-0388", "epss": "0.000440000", "percentile": "0.102230000", "modified": "2023-03-17"}, {"cve": "CVE-2017-0389", "epss": "0.001320000", "percentile": "0.464330000", "modified": "2023-03-17"}, {"cve": "CVE-2017-0390", "epss": "0.001790000", "percentile": "0.533770000", "modified": "2023-03-17"}, {"cve": "CVE-2017-0391", "epss": "0.002220000", "percentile": "0.585770000", "modified": "2023-03-17"}, {"cve": "CVE-2017-0392", "epss": "0.001790000", "percentile": "0.533770000", "modified": "2023-03-17"}, {"cve": "CVE-2017-0393", "epss": "0.001790000", "percentile": "0.533770000", "modified": "2023-03-17"}, {"cve": "CVE-2017-0394", "epss": "0.001140000", "percentile": "0.433190000", "modified": "2023-03-17"}, {"cve": "CVE-2017-0395", "epss": "0.000550000", "percentile": "0.209420000", "modified": "2023-03-17"}, {"cve": "CVE-2017-0396", "epss": "0.000790000", "percentile": "0.322970000", "modified": "2023-03-17"}, {"cve": "CVE-2017-0397", "epss": "0.000790000", "percentile": "0.322970000", "modified": "2023-03-17"}, {"cve": "CVE-2017-0398", "epss": "0.000540000", "percentile": "0.197720000", "modified": "2023-03-17"}, {"cve": "CVE-2017-0399", "epss": "0.000790000", "percentile": "0.322970000", "modified": "2023-03-17"}, {"cve": "CVE-2017-0400", "epss": "0.000790000", "percentile": "0.322970000", "modified": "2023-03-17"}, {"cve": "CVE-2017-0401", "epss": "0.000790000", "percentile": "0.322970000", "modified": 
"2023-03-17"}, {"cve": "CVE-2017-0402", "epss": "0.000880000", "percentile": "0.361520000", "modified": "2023-03-17"}, {"cve": "CVE-2017-0403", "epss": "0.000710000", "percentile": "0.287410000", "modified": "2023-03-17"}, {"cve": "CVE-2017-0404", "epss": "0.000710000", "percentile": "0.287410000", "modified": "2023-03-17"}], "vulnersScore": 0.7}, "_state": {"dependencies": 1660586653, "score": 1660588736, "affected_software_major_version": 1666691171, "epss": 1679112172}, "_internal": {"score_hash": "5ba60c2448a7f533cff6c9f9eedfd51f"}, "affectedSoftware": []}
{"threatpost": [{"lastseen": "2018-10-06T22:54:17", "description": "Google has patched ten critical vulnerabilities tied to problem-plagued Android components like Mediaserver, NVIDIA\u2019s GPU driver, and Qualcomm\u2019s driver. The most serious bug, according to Google\u2019s [January Android Security Bulletin,](<https://source.android.com/security/bulletin/2017-01-01.html#security-vulnerability-summary>) is the Mediaserver vulnerability.\n\n\u201cThe most severe of these issues is a critical security vulnerability (CVE-2017-0381) that could enable remote code execution on an affected device through multiple methods such as email, web browsing, and MMS when processing media files,\u201d according to the bulletin.\n\nThe Android Mediaserver component has been patched nearly three dozen times since the [Stagefright vulnerability](<https://threatpost.com/android-stagefright-flaws-put-950-million-devices-at-risk/113960/>) was discovered in August of 2015. Along with the Mediaserver RCE vulnerability, Google identified several other flaws within the Mediaserver component, such as a denial of service vulnerability (CVE-2017-0390) and an elevation of privilege vulnerability (CVE-2017-0387) \u2013 both classified as high risk.\n\nThe patches are part of Google\u2019s monthly over-the-air security update for Android Nexus devices. Google said the first wave of patches for its Nexus handsets was available on January 1. 
Supported Google devices will receive a single over-the-air update on January 5, according to Google.\n\nSamsung and LG have also released January patches for their Android devices and have committed to sending Google and their own over-the-air patches to affected devices as soon as possible.\n\n\u201cWhile we are doing our best to deliver the security patches as soon as possible to all applicable models, delivery time of security patches may vary depending on the regions and models,\u201d Samsung\u2019s [January security bulletin](<http://security.samsungmobile.com/smrupdate.html#SMR-JAN-2017>) reads.\n\n\u201cWe have had no reports of active customer exploitation or abuse of these newly reported issues,\u201d according to Google. In all, just under 100 CVEs were fixed as part of Google\u2019s January bulletin. Of those CVEs, 29 were rated critical, 41 were rated high and 26 were considered moderate risk vulnerabilities.\n\nAmong the other critical vulnerabilities patched by Google is an elevation of privilege vulnerability (CVE-2016-8424) identified in NVIDIA\u2019s GPU driver as well as in Qualcomm\u2019s bootloader (CVE-2016-8422). Additional critical elevation of privileges vulnerabilities were identified within several Qualcomm components such as cameras (CVE-2016-8412) used in Android Snapdragon phones made by LG and Samsung. Like Mediaserver, Qualcomm\u2019s components have also been aggressively patched by Google with the most notable flaw, QuadRooter, having been [identified in August 2016](<https://threatpost.com/quadrooter-flaw-in-qualcomm-chips-puts-900m-android-devices-at-risk/119713/>).\n\nAdditional security issues were identified and patched in lesser-known Android components such as C-ares (CVE-2016-5180), Framesequence (CVE-2017-0382) and libnl (CVE-2017-0386).\n\n\u201cAn elevation of privilege vulnerability in the libnl library could enable a local malicious application to execute arbitrary code within the context of a privileged process. 
This issue is rated as high because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application,\u201d Google wrote.\n\nGoogle thanked nearly 40 individuals and teams for finding and reporting vulnerabilities in the January Android Security Bulletin. Trend Micro researcher Peter Pi and Trend Micro\u2019s Mobile Threat Research Team are credited with finding what Google identified as the most serious Mediaserver vulnerability, along with seven additional critical vulnerabilities. Researchers at C0RE Team are credited for identifying a critical bug (CVE-2016-8435) tied to an elevation of privilege vulnerability in NVIDIA GPU driver.\n\nVendors such as LG and Samsung have also released updates to their Android devices. Last [week LG](<https://lgsecurity.lge.com/>) notified its users of eight patches tied to its G3, G4, G4 Stylus, G5, V10, V20, CK, and G Stylo Android devices. Samsung notified users of [28 Samsung](<http://security.samsungmobile.com/smrupdate.html#SMR-JAN-2017>) device-specific vulnerabilities.\n", "cvss3": {}, "published": "2017-01-04T13:33:01", "type": "threatpost", "title": "Google Patches 29 Critical Android Vulnerabilities Including Holes in Mediaserver, Qualcomm", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2016-5180", "CVE-2016-8412", "CVE-2016-8422", "CVE-2016-8424", "CVE-2016-8435", "CVE-2017-0381", "CVE-2017-0382", "CVE-2017-0386", "CVE-2017-0387", "CVE-2017-0390"], "modified": "2017-01-04T18:33:01", "id": "THREATPOST:893B03F04798265D72F00A7762693EAD", "href": "https://threatpost.com/google-patches-29-critical-android-vulnerabilities-including-holes-in-mediaserver-qualcomm/122852/", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nvidia": [{"lastseen": "2021-02-03T00:29:30", "description": "### Vulnerability Details\n\nThe following sections summarize the vulnerabilities and list their 
[CVSS](<https://www.first.org/cvss/user-guide>) risk assessments.\n\n#### CVE-2016-8424\n\nNVIDIA Tegra kernel driver contains a vulnerability in NVIDIA NVMAP, where referencing memory after it has been freed may lead to denial of service or possible escalation of privileges.\n\nCVSS Base Score: 7.8 \nCVSS Temporal Score: 7.0 \nCVSS Vector: [CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C>)\n\n#### CVE-2016-8425\n\nNVIDIA Tegra kernel driver contains a vulnerability in NVIDIA NVHOST, where referencing memory after it has been freed may lead to denial of service or possible escalation of privileges.\n\nCVSS Base Score: 7.8 \nCVSS Temporal Score: 7.0 \nCVSS Vector: [CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C>)\n\n#### CVE-2016-8427\n\nNVIDIA Tegra kernel driver contains a vulnerability in NVHOST, where referencing memory after it has been freed may lead to denial of service or possible escalation of privileges.\n\nCVSS Base Score: 7.8 \nCVSS Temporal Score: 7.0 \nCVSS Vector: [CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C>)\n\n#### CVE-2016-8428\n\nNVIDIA Tegra kernel driver contains a vulnerability in NVIDIA NVMAP, where there is the potential to read from or write to a memory location that is outside the intended boundary of the buffer, which may lead to denial of service or possible escalation of privileges.\n\nCVSS Base Score: 7.8 \nCVSS Temporal Score: 7.0 \nCVSS Vector: [CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2016-8428&vector=AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H>)\n\n#### CVE-2016-8429\n\nNVIDIA Tegra kernel driver contains 
a vulnerability in NVIDIA NVMAP, where referencing memory after it has been freed may lead to denial of service or possible escalation of privileges.\n\nCVSS Base Score: 7.8 \nCVSS Temporal Score: 7.0 \nCVSS Vector: [CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C>)\n\n#### CVE-2016-8430\n\nNVIDIA Tegra kernel driver contains a vulnerability in NVIDIA NVHOST, where a use-after-free may lead to denial of service or possible escalation of privilege.\n\nCVSS Base Score: 7.8 \nCVSS Temporal Score: 7.0 \nCVSS Vector: [CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2016-8430&vector=AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H>)\n\n#### CVE-2017-0331\n\nNVIDIA Tegra kernel driver contains a vulnerability in NVIDIA NVMAP, where the offset and size can change between the check and then be used in a way that invalidates the results of the check, which may lead to a denial of service or possible escalation of privileges.\n\nCVSS Base Score: 7.8 \nCVSS Temporal Score: 7.0 \nCVSS Vector: [CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C>)\n\n#### CVE-2016-8400\n\nNVIDIA Tegra kernel driver contains a vulnerability in the NVIDIA Tegra library (`libnvrm`), where there is the potential to read or write a buffer using an index or pointer that references a memory location after the end of the buffer, which may lead to a denial of service or possible escalation of privileges.\n\nCVSS Base Score: 7.1 \nCVSS Temporal Score: 6.4 \nCVSS Vector: [CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H/E:P/RL:O/RC:C](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H/E:P/RL:O/RC:C>)\n\n#### CVE-2017-0429\n\nNVIDIA Tegra kernel driver contains a 
vulnerability in NVHOST, where an attacker has the ability to write an arbitrary value to an arbitrary location, which may lead to an escalation of privileges.\n\nCVSS Base Score: 7.1 \nCVSS Temporal Score: 6.4 \nCVSS Vector: [CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N/E:P/RL:O/RC:C](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N/E:P/RL:O/RC:C>)\n\n#### CVE-2017-0448\n\nNVIDIA Tegra kernel driver contains a vulnerability in NVIDIA NVHOST, where referencing memory after it has been freed may lead to unauthorized information disclosure.\n\nCVSS Base Score: 7.1 \nCVSS Temporal Score: 6.4 \nCVSS Vector: [CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:P/RL:O/RC:C](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?name=CVE-2017-0448&vector=AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N>)\n\n#### CVE-2016-8449\n\nNVIDIA Tegra kernel driver contains a vulnerability in NVIDIA NVAVP, where referencing memory after it has been freed may lead to denial of service or possible escalation of privileges.\n\nCVSS Base Score: 7.0 \nCVSS Temporal Score: 6.3 \nCVSS Vector: [CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:P/RL:O/RC:C>)\n\n#### CVE-2016-8460\n\nNVIDIA Tegra kernel driver contains a vulnerability in NVIDIA NVMAP, where uninitialized stack memory may be leaked to the user, leading to possible information disclosure.\n\nCVSS Base Score: 5.5 \nCVSS Temporal Score: 5.0 \nCVSS Vector: [CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C>)\n\n#### CVE-2016-8395\n\nNVIDIA Tegra kernel driver contains a vulnerability in NVIDIA Camera, where the buffer being overwritten is allocated on the stack, which may lead to a local permanent denial of service or possible escalation of privileges, which may require 
reflashing of the operating system to repair the device.\n\nCVSS Base Score: 4.0 \nCVSS Temporal Score: 3.6 \nCVSS Vector: [CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C](<https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:L/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H/E:P/RL:O/RC:C>)\n\n \n\n\n_NVIDIA\u2019s risk assessment is based on an average of risk across a diverse set of installed systems and may not represent the true risk of your local installation. NVIDIA recommends consulting a security or IT professional to evaluate the risk of your specific configuration. NVIDIA doesn\u2019t know of any exploits to these issues at this time._\n", "cvss3": {}, "published": "2017-06-14T00:00:00", "type": "nvidia", "title": "Security Bulletin: NVIDIA Shield TV and Tablet contain multiple vulnerabilities", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2016-8395", "CVE-2016-8400", "CVE-2016-8424", "CVE-2016-8425", "CVE-2016-8427", "CVE-2016-8428", "CVE-2016-8429", "CVE-2016-8430", "CVE-2016-8449", "CVE-2016-8460", "CVE-2017-0331", "CVE-2017-0429", "CVE-2017-0448"], "modified": "2017-06-22T10:55:00", "id": "NVIDIA:4490", "href": "http://nvidia.custhelp.com/app/answers/detail/a_id/4490", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2023-01-26T13:20:44", "description": "## Releases\n\n * Ubuntu 14.04 ESM\n\n## Packages\n\n * linux \\- Linux kernel\n\nIt was discovered that the compression handling code in the Advanced Linux \nSound Architecture (ALSA) subsystem in the Linux kernel did not properly \ncheck for an integer overflow. A local attacker could use this to cause a \ndenial of service (system crash). (CVE-2014-9904)\n\nKirill A. Shutemov discovered that memory manager in the Linux kernel did \nnot properly handle anonymous pages. A local attacker could use this to \ncause a denial of service or possibly gain administrative privileges. 
\n(CVE-2015-3288)\n\nVitaly Kuznetsov discovered that the Linux kernel did not properly suppress \nhugetlbfs support in X86 paravirtualized guests. An attacker in the guest \nOS could cause a denial of service (guest system crash). (CVE-2016-3961)\n\nOndrej Kozina discovered that the keyring interface in the Linux kernel \ncontained a buffer overflow when displaying timeout events via the \n/proc/keys interface. A local attacker could use this to cause a denial of \nservice (system crash). (CVE-2016-7042)\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-11-11T00:00:00", "type": "ubuntu", "title": "Linux kernel vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9904", "CVE-2015-3288", "CVE-2016-3961", "CVE-2016-7042"], "modified": "2016-11-11T00:00:00", "id": "USN-3127-1", "href": "https://ubuntu.com/security/notices/USN-3127-1", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-26T13:20:45", "description": "## Releases\n\n * Ubuntu 12.04 \n\n## Packages\n\n * linux-lts-trusty \\- Linux hardware enablement kernel from Trusty for Precise\n\nUSN-3127-1 fixed 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.842966\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-01 05:39:06 +0100 (Thu, 01 Dec 2016)\");\n script_cve_id(\"CVE-2016-5180\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for c-ares USN-3143-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'c-ares'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Gzob Qq discovered that c-ares incorrectly\n handled certain hostnames. 
A remote attacker could use this issue to cause\n applications using c-ares to crash, resulting in a denial of service, or\n possibly execute arbitrary code.\");\n script_tag(name:\"affected\", value:\"c-ares on Ubuntu 16.04 LTS,\n Ubuntu 14.04 LTS,\n Ubuntu 12.04 LTS,\n Ubuntu 16.10\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3143-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3143-1/\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|12\\.04 LTS|16\\.04 LTS|16\\.10)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libc-ares2\", ver:\"1.10.0-2ubuntu0.1\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libc-ares2\", ver:\"1.7.5-1ubuntu0.1\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libc-ares2\", ver:\"1.10.0-3ubuntu0.1\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libc-ares2\", ver:\"1.11.0-1ubuntu0.1\", rls:\"UBUNTU16.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n 
}\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:55:10", "description": "Gzob Qq discovered that the\nquery-building functions in c-ares, an asynchronous DNS request library would\nnot correctly process crafted query names, resulting in a heap buffer overflow\nand potentially leading to arbitrary code execution.", "cvss3": {}, "published": "2016-10-05T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3682-1 (c-ares - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5180"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:703682", "href": "http://plugins.openvas.org/nasl.php?oid=703682", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3682.nasl 6608 2017-07-07 12:05:05Z cfischer $\n# Auto-generated from advisory DSA 3682-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703682);\n script_version(\"$Revision: 6608 $\");\n script_cve_id(\"CVE-2016-5180\");\n script_name(\"Debian Security Advisory DSA 3682-1 (c-ares - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:05 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2016-10-05 15:43:05 +0530 (Wed, 05 Oct 2016)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2016/dsa-3682.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"c-ares on Debian Linux\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie),\nthis problem has been fixed in version 1.10.0-2+deb8u1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 1.12.0-1.\n\nWe recommend that you upgrade your c-ares packages.\");\n script_tag(name: \"summary\", value: \"Gzob Qq discovered that the\nquery-building functions in c-ares, an asynchronous DNS request library would\nnot correctly process crafted query names, resulting in a heap buffer overflow\nand potentially leading to arbitrary code execution.\");\n script_tag(name: 
\"vuldetect\", value: \"This check tests the installed\nsoftware version using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libc-ares-dev\", ver:\"1.10.0-2+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc-ares2:amd64\", ver:\"1.10.0-2+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libc-ares2:i386\", ver:\"1.10.0-2+deb8u1\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:35:18", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-11-14T00:00:00", "type": "openvas", "title": "Fedora Update for mingw-c-ares FEDORA-2016-66d9389548", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5180"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310809911", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809911", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mingw-c-ares FEDORA-2016-66d9389548\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR 
PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809911\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-11-14 18:00:38 +0530 (Mon, 14 Nov 2016)\");\n script_cve_id(\"CVE-2016-5180\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for mingw-c-ares FEDORA-2016-66d9389548\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mingw-c-ares'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"mingw-c-ares on Fedora 23\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-66d9389548\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4FZNWZ5JOS5EC2B47U7WBNJ4KONCWPGB\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC23\");\n\n 
exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC23\")\n{\n\n if ((res = isrpmvuln(pkg:\"mingw-c-ares\", rpm:\"mingw-c-ares~1.12.0~1.fc23\", rls:\"FC23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:34:59", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-11-14T00:00:00", "type": "openvas", "title": "Fedora Update for c-ares FEDORA-2016-7aa3c89e7b", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5180"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310809928", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310809928", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for c-ares FEDORA-2016-7aa3c89e7b\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.809928\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-11-14 18:00:58 +0530 (Mon, 14 Nov 2016)\");\n script_cve_id(\"CVE-2016-5180\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for c-ares FEDORA-2016-7aa3c89e7b\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'c-ares'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"c-ares on Fedora 23\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-7aa3c89e7b\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HDIFKC4ISRHED4WS7J4FQP3QLC6ZUJSQ\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC23\");\n\n 
exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC23\")\n{\n\n if ((res = isrpmvuln(pkg:\"c-ares\", rpm:\"c-ares~1.12.0~1.fc23\", rls:\"FC23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:27", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-11-14T00:00:00", "type": "openvas", "title": "Fedora Update for nodejs FEDORA-2016-7a3a0f0198", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5180"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310810103", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310810103", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nodejs FEDORA-2016-7a3a0f0198\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.810103\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-11-14 18:01:11 +0530 (Mon, 14 Nov 2016)\");\n script_cve_id(\"CVE-2016-5180\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for nodejs FEDORA-2016-7a3a0f0198\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nodejs'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"nodejs on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-7a3a0f0198\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LT2B4ZHUQAAXTFM7AG56GYWJOX5OJL2X\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n 
exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"nodejs\", rpm:\"nodejs~4.6.1~6.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:52", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-07T00:00:00", "type": "openvas", "title": "Fedora Update for mingw-c-ares FEDORA-2016-4f34f26649", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5180"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310872045", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872045", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mingw-c-ares FEDORA-2016-4f34f26649\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872045\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-07 05:25:31 +0100 (Wed, 07 Dec 2016)\");\n script_cve_id(\"CVE-2016-5180\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for mingw-c-ares FEDORA-2016-4f34f26649\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mingw-c-ares'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"mingw-c-ares on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-4f34f26649\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RNPBVEKHPWO5NFLMZM2LXVLEFY5EV4EW\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n 
exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC25\")\n{\n\n if ((res = isrpmvuln(pkg:\"mingw-c-ares\", rpm:\"mingw-c-ares~1.12.0~1.fc25\", rls:\"FC25\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:35:42", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2016-12-07T00:00:00", "type": "openvas", "title": "Fedora Update for c-ares FEDORA-2016-e523c37b4d", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5180"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310872067", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310872067", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for c-ares FEDORA-2016-e523c37b4d\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.872067\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-12-07 05:26:22 +0100 (Wed, 07 Dec 2016)\");\n script_cve_id(\"CVE-2016-5180\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for c-ares FEDORA-2016-e523c37b4d\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'c-ares'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"c-ares on Fedora 25\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-e523c37b4d\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BQCFQWVCDYB6S67GUNARANPDHROZEU5L\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC25\");\n\n 
flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-generic\", pkgver:\"3.13.0.101.109\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-generic-lpae\", pkgver:\"3.13.0.101.109\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-lowlatency\", pkgver:\"3.13.0.101.109\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"linux-image-virtual\", pkgver:\"3.13.0.101.109\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.13-generic / linux-image-3.13-generic-lpae / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-07-02T17:00:50", "description": "USN-3127-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS.\n\nIt was discovered that the compression handling code in the Advanced Linux Sound Architecture (ALSA) subsystem in the Linux kernel did not properly check for an integer overflow. A local attacker could use this to cause a denial of service (system crash). (CVE-2014-9904)\n\nKirill A. Shutemov discovered that memory manager in the Linux kernel did not properly handle anonymous pages. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. (CVE-2015-3288)\n\nVitaly Kuznetsov discovered that the Linux kernel did not properly suppress hugetlbfs support in X86 paravirtualized guests. 
An attacker in the guest OS could cause a denial of service (guest system crash).\n(CVE-2016-3961)\n\nOndrej Kozina discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-7042).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-11-11T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-3127-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-9904", "CVE-2015-3288", "CVE-2016-3961", "CVE-2016-7042"], "modified": "2019-09-18T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic", "p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-lts-trusty", "p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lts-trusty", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-3127-2.NASL", "href": "https://www.tenable.com/plugins/nessus/94732", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3127-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. 
Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(94732);\n script_version(\"2.7\");\n script_cvs_date(\"Date: 2019/09/18 12:31:46\");\n\n script_cve_id(\"CVE-2014-9904\", \"CVE-2015-3288\", \"CVE-2016-3961\", \"CVE-2016-7042\");\n script_xref(name:\"USN\", value:\"3127-2\");\n\n script_name(english:\"Ubuntu 12.04 LTS : linux-lts-trusty vulnerabilities (USN-3127-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"USN-3127-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04\nLTS. This update provides the corresponding updates for the Linux\nHardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu\n12.04 LTS.\n\nIt was discovered that the compression handling code in the Advanced\nLinux Sound Architecture (ALSA) subsystem in the Linux kernel did not\nproperly check for an integer overflow. A local attacker could use\nthis to cause a denial of service (system crash). (CVE-2014-9904)\n\nKirill A. Shutemov discovered that memory manager in the Linux kernel\ndid not properly handle anonymous pages. A local attacker could use\nthis to cause a denial of service or possibly gain administrative\nprivileges. (CVE-2015-3288)\n\nVitaly Kuznetsov discovered that the Linux kernel did not properly\nsuppress hugetlbfs support in X86 paravirtualized guests. An attacker\nin the guest OS could cause a denial of service (guest system crash).\n(CVE-2016-3961)\n\nOndrej Kozina discovered that the keyring interface in the Linux\nkernel contained a buffer overflow when displaying timeout events via\nthe /proc/keys interface. A local attacker could use this to cause a\ndenial of service (system crash). 
(CVE-2016-7042).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3127-2/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-3.13-generic-lpae\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lpae-lts-trusty\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:linux-image-generic-lts-trusty\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/04/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 
2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"ksplice.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2014-9904\", \"CVE-2015-3288\", \"CVE-2016-3961\", \"CVE-2016-7042\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for USN-3127-2\");\n }\n else\n {\n _ubuntu_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.13.0-101-generic\", pkgver:\"3.13.0-101.148~precise1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-3.13.0-101-generic-lpae\", pkgver:\"3.13.0-101.148~precise1\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-generic-lpae-lts-trusty\", pkgver:\"3.13.0.101.92\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"linux-image-generic-lts-trusty\", pkgver:\"3.13.0.101.92\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n 
severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux-image-3.13-generic / linux-image-3.13-generic-lpae / etc\");\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-20T14:32:00", "description": "The rock_continue function in fs/isofs/rock.c in the Linux kernel through 3.18.1 does not restrict the number of Rock Ridge continuation entries, which allows local users to cause a denial of service (infinite loop, and system crash or hang) via a crafted iso9660 image.", "cvss3": {}, "published": "2015-11-05T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : Linux kernel vulnerability (SOL17543)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9420"], "modified": "2021-03-10T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_wan_optimization_manager", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/h:f5:big-ip", "cpe:/h:f5:big-ip_protocol_security_manager"], "id": 
"F5_BIGIP_SOL17543.NASL", "href": "https://www.tenable.com/plugins/nessus/86729", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution SOL17543.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(86729);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/10\");\n\n script_cve_id(\"CVE-2014-9420\");\n script_bugtraq_id(71717);\n\n script_name(english:\"F5 Networks BIG-IP : Linux kernel vulnerability (SOL17543)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The rock_continue function in fs/isofs/rock.c in the Linux kernel\nthrough 3.18.1 does not restrict the number of Rock Ridge continuation\nentries, which allows local users to cause a denial of service\n(infinite loop, and system crash or hang) via a crafted iso9660 image.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K17543\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution SOL17543.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", 
value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/12/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/11/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/11/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"SOL17543\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"11.3.0-11.6.0\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"12.0.0\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"11.4.0-11.6.0\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"12.0.0\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"11.0.0-11.6.0\",\"10.1.0-10.2.4\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"12.0.0\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"11.0.0-11.6.0\",\"10.1.0-10.2.4\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"12.0.0\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"11.0.0-11.6.0\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"12.0.0\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"11.0.0-11.6.0\",\"10.1.0-10.2.4\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"12.0.0\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = 
make_list(\"11.0.0-11.6.0\",\"10.1.0-10.2.4\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"12.0.0\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"11.3.0-11.6.0\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"12.0.0\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_warning(port:0, extra:bigip_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T14:17:28", "description": "This update for libcares2 fixes the following issues :\n\n - Add patch to fix single byte out of buffer write (CVE-2016-5180, bsc#1007728)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-01-03T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : libcares2 (SUSE-SU-2016:3287-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5180"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libcares2", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2016-3287-1.NASL", "href": "https://www.tenable.com/plugins/nessus/96256", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:3287-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96256);\n script_version(\"3.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-5180\");\n\n script_name(english:\"SUSE SLES11 Security Update : libcares2 
(SUSE-SU-2016:3287-1)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for libcares2 fixes the following issues :\n\n - Add patch to fix single byte out of buffer write\n (CVE-2016-5180, bsc#1007728)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1007728\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-5180/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20163287-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e534f47d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 11-SP4:zypper in -t\npatch sdksp4-libcares2-12921=1\n\nSUSE Linux Enterprise Server 11-SP4:zypper in -t patch\nslessp4-libcares2-12921=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch\ndbgsp4-libcares2-12921=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are 
available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libcares2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"libcares2-1.7.4-7.9.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libcares2\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:17:29", "description": "This update for libcares2 fixes the following issues :\n\n - Add patch to fix single byte out of buffer write (CVE-2016-5180, bsc#1007728)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-01-03T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : libcares2 (SUSE-SU-2016:3286-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5180"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libcares2", "p-cpe:/a:novell:suse_linux:libcares2-debuginfo", "p-cpe:/a:novell:suse_linux:libcares2-debugsource", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2016-3286-1.NASL", "href": "https://www.tenable.com/plugins/nessus/96255", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:3286-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96255);\n script_version(\"3.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n 
value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-5180\");\n script_xref(name:\"FEDORA\", value:\"2016-7aa3c89e7b\");\n\n script_name(english:\"Fedora 23 : c-ares (2016-7aa3c89e7b)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2016-5180\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-7aa3c89e7b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected c-ares package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:c-ares\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:23\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^23([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 23\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC23\", reference:\"c-ares-1.12.0-1.fc23\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"c-ares\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-02T16:56:14", "description": "Update to 4.6.1 (security)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-10-31T00:00:00", "type": "nessus", "title": "Fedora 24 : 1:nodejs 
(2016-7a3a0f0198)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5180"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:1:nodejs", "cpe:/o:fedoraproject:fedora:24"], "id": "FEDORA_2016-7A3A0F0198.NASL", "href": "https://www.tenable.com/plugins/nessus/94414", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-7a3a0f0198.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94414);\n script_version(\"2.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-5180\");\n script_xref(name:\"FEDORA\", value:\"2016-7a3a0f0198\");\n\n script_name(english:\"Fedora 24 : 1:nodejs (2016-7a3a0f0198)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to 4.6.1 (security)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-7a3a0f0198\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 1:nodejs package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:fedoraproject:fedora:1:nodejs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:24\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/31\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^24([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 24\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC24\", reference:\"nodejs-4.6.1-6.fc24\", epoch:\"1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"1:nodejs\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-02T17:03:17", "description": "Security fix for CVE-2016-5180\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-11-15T00:00:00", "type": "nessus", "title": "Fedora 25 : c-ares (2016-e523c37b4d)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5180"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:c-ares", "cpe:/o:fedoraproject:fedora:25"], "id": "FEDORA_2016-E523C37B4D.NASL", "href": "https://www.tenable.com/plugins/nessus/94872", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-e523c37b4d.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94872);\n script_version(\"2.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", 
value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-5180\");\n script_xref(name:\"FEDORA\", value:\"2016-e523c37b4d\");\n\n script_name(english:\"Fedora 25 : c-ares (2016-e523c37b4d)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2016-5180\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-e523c37b4d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected c-ares package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:c-ares\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"c-ares-1.12.0-1.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"c-ares\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-12T20:06:31", "description": "This update for libcares2 fixes the following issues :\n\n - ares_create_query() single byte out of buffer write (CVE-2016-5180, boo#1007728)", "cvss3": {}, "published": "2016-12-02T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libcares2 (openSUSE-2016-1373)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5180"], "modified": "2021-01-19T00:00:00", 
"cpe": ["p-cpe:/a:novell:opensuse:libcares-devel", "p-cpe:/a:novell:opensuse:libcares2", "p-cpe:/a:novell:opensuse:libcares2-32bit", "p-cpe:/a:novell:opensuse:libcares2-debuginfo", "p-cpe:/a:novell:opensuse:libcares2-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libcares2-debugsource", "cpe:/o:novell:opensuse:13.2"], "id": "OPENSUSE-2016-1373.NASL", "href": "https://www.tenable.com/plugins/nessus/95463", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-1373.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(95463);\n script_version(\"3.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-5180\");\n\n script_name(english:\"openSUSE Security Update : libcares2 (openSUSE-2016-1373)\");\n script_summary(english:\"Check for the openSUSE-2016-1373 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for libcares2 fixes the following issues :\n\n - ares_create_query() single byte out of buffer write\n (CVE-2016-5180, boo#1007728)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1007728\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libcares2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcares-devel\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcares2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcares2-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcares2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcares2-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcares2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libcares-devel-1.10.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libcares2-1.10.0-2.3.1\") ) 
flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libcares2-debuginfo-1.10.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"libcares2-debugsource-1.10.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libcares2-32bit-1.10.0-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", cpu:\"x86_64\", reference:\"libcares2-debuginfo-32bit-1.10.0-2.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libcares-devel / libcares2 / libcares2-32bit / libcares2-debuginfo / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-06-12T20:06:31", "description": "This update for nodejs4 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2016-5180: c-ares: Fix for single-byte buffer overwrite (bsc#1007728).\n\nBug fixes :\n\n - bsc#1009011: npm4 should provide versioned nodejs-npm and npm allowing nodejs-packaging to continue to function properly in Leap 42.2\n\nThis update was imported from the SUSE:SLE-12:Update update project.", "cvss3": {}, "published": "2016-12-06T00:00:00", "type": "nessus", "title": "openSUSE Security Update : nodejs4 (openSUSE-2016-1403)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5180"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:nodejs4", "p-cpe:/a:novell:opensuse:nodejs4-debuginfo", "p-cpe:/a:novell:opensuse:nodejs4-debugsource", "p-cpe:/a:novell:opensuse:nodejs4-devel", "p-cpe:/a:novell:opensuse:npm4", "cpe:/o:novell:opensuse:42.2"], "id": "OPENSUSE-2016-1403.NASL", "href": "https://www.tenable.com/plugins/nessus/95557", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this 
plugin were\n# extracted from openSUSE Security Update openSUSE-2016-1403.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(95557);\n script_version(\"2.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-5180\");\n\n script_name(english:\"openSUSE Security Update : nodejs4 (openSUSE-2016-1403)\");\n script_summary(english:\"Check for the openSUSE-2016-1403 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for nodejs4 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2016-5180: c-ares: Fix for single-byte buffer\n overwrite (bsc#1007728).\n\nBug fixes :\n\n - bsc#1009011: npm4 should provide versioned nodejs-npm\n and npm allowing nodejs-packaging to continue to\n function properly in Leap 42.2\n\nThis update was imported from the SUSE:SLE-12:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1007728\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1009011\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected nodejs4 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nodejs4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nodejs4-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nodejs4-debugsource\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nodejs4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:npm4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/12/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.2\", reference:\"nodejs4-4.6.1-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"nodejs4-debuginfo-4.6.1-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"nodejs4-debugsource-4.6.1-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"nodejs4-devel-4.6.1-3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.2\", reference:\"npm4-4.6.1-3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) 
security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nodejs4 / nodejs4-debuginfo / nodejs4-debugsource / nodejs4-devel / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-02T17:03:13", "description": "This update for nodejs fixes the following issues :\n\n - New upstream LTS version 4.6.1\n\n - c-ares :\n\n + CVE-2016-5180: fix for single-byte buffer overwrite\n\n - Fix nodejs-libpath.patch so ppc doesn't fail to build", "cvss3": {}, "published": "2016-11-10T00:00:00", "type": "nessus", "title": "openSUSE Security Update : nodejs (openSUSE-2016-1277)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5180"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:nodejs", "p-cpe:/a:novell:opensuse:nodejs-debuginfo", "p-cpe:/a:novell:opensuse:nodejs-debugsource", "p-cpe:/a:novell:opensuse:nodejs-devel", "p-cpe:/a:novell:opensuse:npm", "cpe:/o:novell:opensuse:13.2", "cpe:/o:novell:opensuse:42.1"], "id": "OPENSUSE-2016-1277.NASL", "href": "https://www.tenable.com/plugins/nessus/94664", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2016-1277.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94664);\n script_version(\"2.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2016-5180\");\n\n script_name(english:\"openSUSE Security Update : nodejs (openSUSE-2016-1277)\");\n script_summary(english:\"Check for the openSUSE-2016-1277 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The 
remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for nodejs fixes the following issues :\n\n - New upstream LTS version 4.6.1\n\n - c-ares :\n\n + CVE-2016-5180: fix for single-byte buffer overwrite\n\n - Fix nodejs-libpath.patch so ppc doesn't fail to build\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected nodejs packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nodejs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nodejs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nodejs-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nodejs-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:npm\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:13.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif 
(!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE13\\.2|SUSE42\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"13.2 / 42.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE13.2\", reference:\"nodejs-4.6.1-27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"nodejs-debuginfo-4.6.1-27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"nodejs-debugsource-4.6.1-27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE13.2\", reference:\"nodejs-devel-4.6.1-27.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"nodejs-4.6.1-36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"nodejs-debuginfo-4.6.1-36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"nodejs-debugsource-4.6.1-36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"nodejs-devel-4.6.1-36.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.1\", reference:\"npm-4.6.1-36.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nodejs / nodejs-debuginfo / nodejs-debugsource / nodejs-devel / npm\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-02T17:03:11", "description": "Security fix for CVE-2016-5180\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora 
update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-11-15T00:00:00", "type": "nessus", "title": "Fedora 25 : mingw-c-ares (2016-4f34f26649)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5180"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:mingw-c-ares", "cpe:/o:fedoraproject:fedora:25"], "id": "FEDORA_2016-4F34F26649.NASL", "href": "https://www.tenable.com/plugins/nessus/94805", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2016-4f34f26649.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94805);\n script_version(\"2.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-5180\");\n script_xref(name:\"FEDORA\", value:\"2016-4f34f26649\");\n\n script_name(english:\"Fedora 25 : mingw-c-ares (2016-4f34f26649)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2016-5180\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2016-4f34f26649\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mingw-c-ares package.\"\n );\n 
script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mingw-c-ares\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:25\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/11/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^25([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 25\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC25\", reference:\"mingw-c-ares-1.12.0-1.fc25\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mingw-c-ares\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-02T16:59:40", "description": "Gzob Qq discovered that the query-building functions in c-ares, an asynchronous DNS request library would not correctly process crafted query names, resulting in a heap buffer overflow and potentially leading to arbitrary code execution.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version 1.9.1-3+deb7u1.\n\nWe recommend that you upgrade your c-ares packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-10-07T00:00:00", "type": "nessus", "title": "Debian DLA-648-1 : c-ares security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5180"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libc-ares-dev", "p-cpe:/a:debian:debian_linux:libc-ares2", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DLA-648.NASL", "href": "https://www.tenable.com/plugins/nessus/93900", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-648-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(93900);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-5180\");\n\n script_name(english:\"Debian DLA-648-1 : c-ares security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Gzob Qq discovered that the query-building functions in c-ares, an\nasynchronous DNS request library would not correctly process crafted\nquery names, resulting in a heap buffer overflow and potentially\nleading to arbitrary code execution.\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n1.9.1-3+deb7u1.\n\nWe recommend that you upgrade your c-ares packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. 
Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2016/10/msg00004.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/c-ares\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade the affected libc-ares-dev, and libc-ares2 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libc-ares-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libc-ares2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"libc-ares-dev\", reference:\"1.9.1-3+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libc-ares2\", reference:\"1.9.1-3+deb7u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-02T16:56:32", "description": "Node.js has released new versions containing the following security fix :\n\nThe following releases all contain fixes for CVE-2016-5180 'ares_create_query single byte out of buffer write': Node.js v0.10.48 (Maintenance), Node.js v0.12.17 (Maintenance), Node.js v4.6.1 (LTS 'Argon')\n\nWhile this is not a critical update, all users of these release lines should upgrade at their earliest convenience.", "cvss3": {}, "published": "2016-10-31T00:00:00", "type": "nessus", "title": "FreeBSD : node.js -- ares_create_query single byte out of buffer write (28bb6ee5-9b5c-11e6-b799-19bef72f4b7c)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5180"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:node010", "p-cpe:/a:freebsd:freebsd:node012", "p-cpe:/a:freebsd:freebsd:node4", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_28BB6EE59B5C11E6B79919BEF72F4B7C.NASL", "href": 
"https://www.tenable.com/plugins/nessus/94416", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. 
IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(94416);\n script_version(\"2.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2016-5180\");\n\n script_name(english:\"FreeBSD : node.js -- ares_create_query single byte out of buffer write (28bb6ee5-9b5c-11e6-b799-19bef72f4b7c)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Node.js has released new versions containing the following security\nfix :\n\nThe following releases all contain fixes for CVE-2016-5180\n'ares_create_query single byte out of buffer write': Node.js v0.10.48\n(Maintenance), Node.js v0.12.17 (Maintenance), Node.js v4.6.1 (LTS\n'Argon')\n\nWhile this is not a critical update, all users of these release lines\nshould upgrade at their earliest convenience.\"\n );\n # https://nodejs.org/en/blog/vulnerability/october-2016-security-releases/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ea1d488b\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=213800\"\n );\n # 
https://vuxml.freebsd.org/freebsd/28bb6ee5-9b5c-11e6-b799-19bef72f4b7c.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?975b4785\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:node010\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:node012\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:node4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/10/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/10/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/10/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"node010<0.10.48\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"node012<0.12.17\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"node4<4.6.1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-02T17:00:56", "description": "Gzob Qq discovered that c-ares incorrectly handled certain hostnames.\nA remote attacker could use this issue to cause applications using c-ares to crash, resulting in a denial of service, or possibly execute arbitrary code.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-12-01T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : c-ares vulnerability (USN-3143-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-5180"], "modified": "2019-09-18T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libc-ares2", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:16.10"], "id": "UBUNTU_USN-3143-1.NASL", "href": "https://www.tenable.com/plugins/nessus/95428", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3143-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(95428);\n script_version(\"3.6\");\n script_cvs_date(\"Date: 2019/09/18 12:31:46\");\n\n script_cve_id(\"CVE-2016-5180\");\n script_xref(name:\"USN\", value:\"3143-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : c-ares vulnerability (USN-3143-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Gzob Qq discovered that c-ares incorrectly handled certain hostnames.\nA remote attacker could use this issue to cause applications using\nc-ares to crash, resulting in a denial of service, or possibly execute\narbitrary code.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3143-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libc-ares2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libc-ares2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/12/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2016-2019 Canonical, Inc. / NASL script (C) 2016-2019 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04|16\\.04|16\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 16.04 / 16.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libc-ares2\", pkgver:\"1.7.5-1ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"libc-ares2\", pkgver:\"1.10.0-2ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libc-ares2\", pkgver:\"1.10.0-3ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"16.10\", pkgname:\"libc-ares2\", pkgver:\"1.11.0-1ubuntu0.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libc-ares2\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:45:05", "description": "This update for nodejs4 fixes the following issues: Security issues fixed :\n\n - CVE-2016-5180: c-ares: Fix for single-byte buffer overwrite (bsc#1007728). 
Bug fixes :\n\n - bsc#1009011: npm4 should provide versioned nodejs-npm and npm allowing nodejs-packaging to continue to function properly in Leap 42.2\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-02T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : nodejs4 (SUSE-SU-2016:2898-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5180"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:nodejs4", "p-cpe:/a:novell:suse_linux:nodejs4-debuginfo", "p-cpe:/a:novell:suse_linux:nodejs4-debugsource", "p-cpe:/a:novell:suse_linux:nodejs4-devel", "p-cpe:/a:novell:suse_linux:npm4", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2016-2898-1.NASL", "href": "https://www.tenable.com/plugins/nessus/119986", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this 
plugin were\n# extracted from SUSE update advisory SUSE-SU-2016:2898-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(119986);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2016-5180\");\n\n script_name(english:\"SUSE SLES12 Security Update : nodejs4 (SUSE-SU-2016:2898-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for nodejs4 fixes the following issues: Security issues\nfixed :\n\n - CVE-2016-5180: c-ares: Fix for single-byte buffer\n overwrite (bsc#1007728). Bug fixes :\n\n - bsc#1009011: npm4 should provide versioned nodejs-npm\n and npm allowing nodejs-packaging to continue to\n function properly in Leap 42.2\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1007728\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1009011\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2016-5180/\"\n );\n # https://www.suse.com/support/update/announcement/2016/suse-su-20162898-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?17ea6fbe\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use YaST online_update.\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Web Scripting 12:zypper in -t patch\nSUSE-SLE-Module-Web-Scripting-12-2016-1694=1\n\nTo bring your system up-to-date, use 'zypper patch'.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs4-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs4-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nodejs4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:npm4\");\n script_set_attribute(attribute:\"cpe\", 
value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/11/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-2293\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8c5b61e2\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected opus package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:opus\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"opus-1.0.2-7.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"opus\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-02-10T14:52:05", "description": "According to the version of the opus package installed, the EulerOS installation on the remote host is affected by 
the following vulnerability :\n\n - An information disclosure vulnerability in silk/NLSF_stabilize.c in libopus in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. (CVE-2017-0381)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-11-03T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP2 : opus (EulerOS-SA-2020-2377)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-0381"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:opus", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-2377.NASL", "href": "https://www.tenable.com/plugins/nessus/142251", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, 
Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142251);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2017-0381\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : opus (EulerOS-SA-2020-2377)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the opus package installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - An information disclosure vulnerability in\n silk/NLSF_stabilize.c in libopus in Mediaserver could\n enable a local malicious application to access data\n outside of its permission levels. This issue is rated\n as Moderate because it could be used to access\n sensitive data without permission. (CVE-2017-0381)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-2377\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3d1acf1a\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected opus package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:opus\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"opus-1.0.2-6.h1\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"opus\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:19:51", "description": "According to the version of the opus package installed, the EulerOS installation on the remote host is affected by the 
following vulnerability :\n\n - An information disclosure vulnerability in silk/NLSF_stabilize.c in libopus in Mediaserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android.\n Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-31607432.(CVE-2017-0381)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-09-28T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP3 : opus (EulerOS-SA-2020-2071)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-0381"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:opus", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-2071.NASL", "href": "https://www.tenable.com/plugins/nessus/140838", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable 
Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(140838);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2017-0381\"\n );\n\n script_name(english:\"EulerOS 2.0 SP3 : opus (EulerOS-SA-2020-2071)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the opus package installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - An information disclosure vulnerability in\n silk/NLSF_stabilize.c in libopus in Mediaserver could\n enable a local malicious application to access data\n outside of its permission levels. This issue is rated\n as Moderate because it could be used to access\n sensitive data without permission. Product: Android.\n Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android\n ID: A-31607432.(CVE-2017-0381)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-2071\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3e0dece3\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected opus package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:opus\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"opus-1.0.2-6.h1\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"opus\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "cve": [{"lastseen": "2023-02-09T14:20:35", "description": "An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious 
application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31968442.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.0, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8458", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8458"], "modified": "2017-01-24T00:09:00", "cpe": ["cpe:/o:linux:linux_kernel:3.18", "cpe:/o:linux:linux_kernel:3.10"], "id": "CVE-2016-8458", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8458", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:36", "description": "A denial of service vulnerability in the Qualcomm FUSE file system could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. 
Versions: Kernel-3.10, Kernel-3.18. Android ID: A-30786860. References: QC-CR#586855.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8463", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8463"], "modified": "2017-01-18T02:59:00", "cpe": ["cpe:/o:linux:linux_kernel:3.18", "cpe:/o:linux:linux_kernel:3.10"], "id": "CVE-2016-8463", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8463", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:23:11", "description": "The ring_buffer_resize function in kernel/trace/ring_buffer.c in the profiling subsystem in the Linux kernel before 4.6.1 mishandles certain integer calculations, which allows local users to gain privileges by writing to the /sys/kernel/debug/tracing/buffer_size_kb file.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": 
"UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-01-05T11:59:00", "type": "cve", "title": "CVE-2016-9754", "cwe": ["CWE-190"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9754"], "modified": "2023-01-17T21:05:00", "cpe": ["cpe:/o:linux:linux_kernel:4.6"], "id": "CVE-2016-9754", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9754", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.6:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:36", "description": "An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurations. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32474971. 
References: B-RB#106053.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.0, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8465", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8465"], "modified": "2017-07-11T01:33:00", "cpe": ["cpe:/o:linux:linux_kernel:3.18", "cpe:/o:linux:linux_kernel:3.10"], "id": "CVE-2016-8465", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8465", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:36", "description": "An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurations. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31822524. 
References: B-RB#105268.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.0, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8466", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8466"], "modified": "2017-01-18T02:59:00", "cpe": ["cpe:/o:linux:linux_kernel:3.18", "cpe:/o:linux:linux_kernel:3.10"], "id": "CVE-2016-8466", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8466", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:37", "description": "An elevation of privilege vulnerability in Binder could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurations. Product: Android. Versions: Kernel-3.18. 
Android ID: A-32394425.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.0, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8468", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8468"], "modified": "2017-01-18T02:59:00", "cpe": ["cpe:/o:linux:linux_kernel:3.18"], "id": "CVE-2016-8468", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8468", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.18:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:39", "description": "An information disclosure vulnerability in the STMicroelectronics driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. 
Android ID: A-31795790.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 4.7, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8473", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8473"], "modified": "2017-01-18T02:59:00", "cpe": ["cpe:/o:linux:linux_kernel:3.10"], "id": "CVE-2016-8473", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8473", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:34", "description": "An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32219255. 
References: B-RB#105580.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.0, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8456", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8456"], "modified": "2017-01-24T00:08:00", "cpe": ["cpe:/o:linux:linux_kernel:3.18", "cpe:/o:linux:linux_kernel:3.10"], "id": "CVE-2016-8456", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8456", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:39", "description": "An information disclosure vulnerability in the MediaTek driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31528890. 
References: MT-ALPS02961380.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 4.7, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8471", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8471"], "modified": "2017-01-18T02:59:00", "cpe": ["cpe:/o:google:android:7.1.0"], "id": "CVE-2016-8471", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8471", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:google:android:7.1.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:30", "description": "An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31750554. 
References: QC-CR#1079596.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.0, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8415", "cwe": ["CWE-284"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8415"], "modified": "2017-01-18T02:59:00", "cpe": ["cpe:/o:linux:linux_kernel:3.18", "cpe:/o:linux:linux_kernel:3.10"], "id": "CVE-2016-8415", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8415", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:37", "description": "An information disclosure vulnerability in the camera driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31351206. 
References: N-CVE-2016-8469.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 4.7, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8469", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8469"], "modified": "2017-01-18T02:59:00", "cpe": ["cpe:/o:linux:linux_kernel:3.10"], "id": "CVE-2016-8469", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8469", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:37", "description": "An information disclosure vulnerability in the STMicroelectronics driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. 
Android ID: A-31799972.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 4.7, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8474", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8474"], "modified": "2017-01-18T02:59:00", "cpe": ["cpe:/o:linux:linux_kernel:3.10"], "id": "CVE-2016-8474", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8474", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:40", "description": "An information disclosure vulnerability in the HTC input driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. 
Android ID: A-32591129.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 4.7, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8475", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8475"], "modified": "2017-01-18T02:59:00", "cpe": ["cpe:/o:linux:linux_kernel:3.18"], "id": "CVE-2016-8475", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8475", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.18:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:36", "description": "An information disclosure vulnerability in the MediaTek driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31528889. 
References: MT-ALPS02961395.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 4.7, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8470", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8470"], "modified": "2017-01-18T02:59:00", "cpe": ["cpe:/o:google:android:7.1.0"], "id": "CVE-2016-8470", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8470", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:google:android:7.1.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:29", "description": "Unauthenticated messages processed by the UE. Certain NAS messages are processed when no EPS security context exists in the UE. Product: Android. Versions: Kernel 3.18. Android ID: A-31548486. 
References: QC-CR#877705.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8398", "cwe": ["CWE-254"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8398"], "modified": "2017-01-18T02:59:00", "cpe": ["cpe:/o:linux:linux_kernel:3.18"], "id": "CVE-2016-8398", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8398", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.18:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:35", "description": "An information disclosure vulnerability in the bootloader could enable a local attacker to access data outside of its permission level. This issue is rated as High because it could be used to access sensitive data. Product: Android. Versions: N/A. 
Android ID: A-32510383.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8462", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8462"], "modified": "2017-01-18T02:59:00", "cpe": ["cpe:/o:google:android:7.1.0"], "id": "CVE-2016-8462", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8462", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:google:android:7.1.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T02:41:06", "description": "Use-after-free vulnerability in the path_openat function in fs/namei.c in the Linux kernel 3.x and 4.x before 4.0.4 allows local users to cause a denial of service or possibly have unspecified other impact via O_TMPFILE filesystem operations that leverage a duplicate cleanup operation.", "cvss3": {}, "published": "2015-08-31T10:59:00", "type": "cve", "title": "CVE-2015-5706", "cwe": ["CWE-416"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": 
{"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5706"], "modified": "2020-08-13T14:15:00", "cpe": ["cpe:/o:debian:debian_linux:7.0", "cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:linux:linux_kernel:3.19.8", "cpe:/o:debian:debian_linux:8.0"], "id": "CVE-2015-5706", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-5706", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.19.8:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*"]}, {"lastseen": "2023-02-09T14:20:36", "description": "Possible buffer overflow in storage subsystem. Bad parameters as part of listener responses to RPMB commands could lead to buffer overflow. Product: Android. Versions: Kernel 3.18. Android ID: A-32577972. 
References: QC-CR#988462.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8459", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8459"], "modified": "2017-01-18T02:59:00", "cpe": ["cpe:/o:linux:linux_kernel:3.18"], "id": "CVE-2016-8459", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8459", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.18:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:35", "description": "An information disclosure vulnerability in the bootloader could enable a local attacker to access data outside of its permission level. This issue is rated as High because it could be used to access sensitive data. Product: Android. Versions: Kernel-3.18. 
Android ID: A-32369621.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8461", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8461"], "modified": "2017-01-18T02:59:00", "cpe": ["cpe:/o:linux:linux_kernel:3.18"], "id": "CVE-2016-8461", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8461", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.18:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:33", "description": "An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31747590. 
References: MT-ALPS02968983.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.0, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8445", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8445"], "modified": "2017-01-24T00:05:00", "cpe": ["cpe:/o:google:android:7.1.0"], "id": "CVE-2016-8445", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8445", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:google:android:7.1.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:39", "description": "An elevation of privilege vulnerability in the NVIDIA GPU driver. Product: Android. Versions: Android kernel. Android ID: A-31799863. 
References: N-CVE-2016-8482.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-04-05T18:29:00", "type": "cve", "title": "CVE-2016-8482", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8482"], "modified": "2018-04-17T16:46:00", "cpe": ["cpe:/o:google:android:-"], "id": "CVE-2016-8482", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8482", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:google:android:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-13T02:05:06", "description": "mm/memory.c in the Linux kernel before 4.1.4 mishandles anonymous pages, which allows local users to gain privileges or cause a denial of service (page tainting) via a crafted application that triggers writing to page zero.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", 
"version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-10-16T21:59:00", "type": "cve", "title": "CVE-2015-3288", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3288"], "modified": "2023-02-12T23:15:00", "cpe": [], "id": "CVE-2015-3288", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3288", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": []}, {"lastseen": "2023-02-09T14:20:33", "description": "An elevation of privilege vulnerability in the Qualcomm camera could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-31243641. 
References: QC-CR#1074310.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.0, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8444", "cwe": ["CWE-284"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8444"], "modified": "2017-01-24T00:04:00", "cpe": ["cpe:/o:linux:linux_kernel:3.10"], "id": "CVE-2016-8444", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8444", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:35", "description": "An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-32219121. 
References: B-RB#106311.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.0, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8455", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8455"], "modified": "2017-01-24T00:06:00", "cpe": ["cpe:/o:linux:linux_kernel:3.10"], "id": "CVE-2016-8455", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8455", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:13:14", "description": "Integer overflow in the rtxMemHeapAlloc function in asn1rt_a.lib in Objective Systems ASN1C for C/C++ before 7.0.2 allows context-dependent attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow), on a system running an application compiled by ASN1C, via crafted ASN.1 data.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", 
"privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-07-19T22:59:00", "type": "cve", "title": "CVE-2016-5080", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5080"], "modified": "2018-10-17T01:29:00", "cpe": ["cpe:/a:objective_systems:asn1c:7.0.1"], "id": "CVE-2016-5080", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5080", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:objective_systems:asn1c:7.0.1:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:38", "description": "An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurations. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-29000183. 
References: B-RB#106314.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.0, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8464", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8464"], "modified": "2017-01-18T02:59:00", "cpe": ["cpe:/o:linux:linux_kernel:3.18", "cpe:/o:linux:linux_kernel:3.10"], "id": "CVE-2016-8464", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8464", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:36", "description": "An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31747749. 
References: MT-ALPS02968909.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.0, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8446", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8446"], "modified": "2017-01-18T02:59:00", "cpe": ["cpe:/o:google:android:7.1.0"], "id": "CVE-2016-8446", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8446", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:google:android:7.1.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:36", "description": "An elevation of privilege vulnerability in the bootloader could enable a local attacker to execute arbitrary modem commands on the device. This issue is rated as High because it is a local permanent denial of service (device interoperability: completely permanent or requiring re-flashing the entire operating system). Product: Android. Versions: N/A. 
Android ID: A-30308784.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-01-13T16:59:00", "type": "cve", "title": "CVE-2016-8467", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8467"], "modified": "2017-01-18T02:59:00", "cpe": ["cpe:/o:google:android:7.1.0"], "id": "CVE-2016-8467", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8467", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:google:android:7.1.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:36", "description": "An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.4. 
Android ID: A-32178033.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.0, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8451", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8451"], "modified": "2017-01-18T14:29:00", "cpe": ["cpe:/o:linux:linux_kernel:3.4"], "id": "CVE-2016-8451", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8451", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.4:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:34", "description": "Possible buffer overflow in trust zone access control API. Buffer overflow may occur due to lack of buffer size checking. Product: Android. Versions: Kernel 3.18. Android ID: A-31625204. 
References: QC-CR#1027804.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8439", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8439"], "modified": "2017-01-18T02:59:00", "cpe": ["cpe:/o:linux:linux_kernel:3.18"], "id": "CVE-2016-8439", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8439", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.18:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:33", "description": "Integer overflow leading to a TOCTOU condition in hypervisor PIL. An integer overflow exposes a race condition that may be used to bypass (Peripheral Image Loader) PIL authentication. Product: Android. Versions: Kernel 3.18. Android ID: A-31624565. 
References: QC-CR#1023638.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8438", "cwe": ["CWE-190"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8438"], "modified": "2017-01-18T02:59:00", "cpe": ["cpe:/o:linux:linux_kernel:3.18"], "id": "CVE-2016-8438", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8438", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.18:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:35", "description": "An information disclosure vulnerability in the NVIDIA video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product: Android. Versions: Kernel-3.10. Android ID: A-31668540. 
References: N-CVE-2016-8460.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8460", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8460"], "modified": "2017-01-18T02:59:00", "cpe": ["cpe:/o:linux:linux_kernel:3.10"], "id": "CVE-2016-8460", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8460", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:34", "description": "An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10. Android ID: A-24739315. 
References: B-RB#73392.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.0, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8453", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8453"], "modified": "2017-01-18T02:59:00", "cpe": ["cpe:/o:linux:linux_kernel:3.10"], "id": "CVE-2016-8453", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8453", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-13T02:05:40", "description": "The rock_continue function in fs/isofs/rock.c in the Linux kernel through 3.18.1 does not restrict the number of Rock Ridge continuation entries, which allows local users to cause a denial of service (infinite loop, and system crash or hang) via a crafted iso9660 image.", "cvss3": {}, "published": "2014-12-26T00:59:00", "type": "cve", "title": "CVE-2014-9420", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, 
"cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9420"], "modified": "2023-02-13T00:45:00", "cpe": ["cpe:/o:linux:linux_kernel:3.18.1"], "id": "CVE-2014-9420", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9420", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.18.1:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-08T15:37:42", "description": "A denial of service vulnerability in Tremolo/dpen.s in Mediaserver could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. 
Android ID: A-31647370.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2017-0390", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-0390"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/o:google:android:5.1.0", "cpe:/o:google:android:4.0.1", "cpe:/o:google:android:4.4", "cpe:/o:google:android:4.4.4", "cpe:/o:google:android:5.0.2", "cpe:/o:google:android:4.0.3", "cpe:/o:google:android:4.0.4", "cpe:/o:google:android:5.0", "cpe:/o:google:android:4.4.3", "cpe:/o:google:android:4.0", "cpe:/o:google:android:6.0", "cpe:/o:google:android:5.1.1", "cpe:/o:google:android:5.1", "cpe:/o:google:android:4.2.1", "cpe:/o:google:android:4.1.2", "cpe:/o:google:android:4.1", "cpe:/o:google:android:4.2", "cpe:/o:google:android:4.4.1", "cpe:/o:google:android:4.0.2", "cpe:/o:google:android:4.3.1", "cpe:/o:google:android:7.1.0", "cpe:/o:google:android:4.4.2", "cpe:/o:google:android:6.0.1", "cpe:/o:google:android:5.0.1", "cpe:/o:google:android:7.0", "cpe:/o:google:android:4.3", "cpe:/o:google:android:4.2.2"], "id": "CVE-2017-0390", "href": 
"https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0390", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.3.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.2:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:5.1.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:7.1.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.4:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.3:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.0.2:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:32", "description": "Possible buffer overflow in SMMU system call. Improper input validation in ADSP SID2CB system call may result in hypervisor memory overwrite. Product: Android. Versions: Kernel 3.18. Android ID: A-31625306. 
References: QC-CR#1036747.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8440", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8440"], "modified": "2017-01-23T23:59:00", "cpe": ["cpe:/o:linux:linux_kernel:3.18"], "id": "CVE-2016-8440", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8440", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.18:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:33", "description": "Possible unauthorized memory access in the hypervisor. Incorrect configuration provides access to subsystem page tables. Product: Android. Versions: Kernel 3.18. Android ID: A-32576499. 
References: QC-CR#964185.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8443", "cwe": ["CWE-285"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8443"], "modified": "2017-01-24T00:02:00", "cpe": ["cpe:/o:linux:linux_kernel:3.18"], "id": "CVE-2016-8443", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8443", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.18:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:36", "description": "An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32219453. 
References: B-RB#106116.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.0, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8457", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8457"], "modified": "2017-01-24T00:08:00", "cpe": ["cpe:/o:linux:linux_kernel:3.18", "cpe:/o:linux:linux_kernel:3.10"], "id": "CVE-2016-8457", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8457", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-08T15:37:43", "description": "An elevation of privilege vulnerability in the External Storage Provider could enable a local secondary user to read data from an external storage SD card inserted by the primary user. This issue is rated as High because it is a general bypass for operating system protections that isolate application data from other applications. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1. 
Android ID: A-32523490.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2017-0388", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-0388"], "modified": "2017-01-18T02:59:00", "cpe": ["cpe:/o:google:android:6.0.1", "cpe:/o:google:android:6.0", "cpe:/o:google:android:7.0", "cpe:/o:google:android:7.1.0"], "id": "CVE-2017-0388", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0388", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:7.1.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:13:28", "description": "Heap-based buffer overflow in the ares_create_query function in c-ares 1.x before 1.12.0 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly execute arbitrary code via a hostname with an escaped trailing dot.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", 
"attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-10-03T15:59:00", "type": "cve", "title": "CVE-2016-5180", "cwe": ["CWE-787"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5180"], "modified": "2022-08-16T13:17:00", "cpe": ["cpe:/a:c-ares_project:c-ares:1.1.0", "cpe:/a:c-ares_project:c-ares:1.5.2", "cpe:/a:c-ares_project:c-ares:1.7.1", "cpe:/a:c-ares_project:c-ares:1.7.4", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/a:c-ares_project:c-ares:1.3.1", "cpe:/a:c-ares_project:c-ares:1.5.3", "cpe:/a:c-ares_project:c-ares:1.0.0", "cpe:/a:c-ares_project:c-ares:1.9.1", "cpe:/a:c-ares_project:c-ares:1.10.0", "cpe:/a:c-ares_project:c-ares:1.5.0", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/a:c-ares_project:c-ares:1.3.0", "cpe:/a:c-ares_project:c-ares:1.11.0", "cpe:/a:c-ares_project:c-ares:1.7.5", "cpe:/a:c-ares_project:c-ares:1.6.0", "cpe:/o:canonical:ubuntu_linux:16.10", "cpe:/a:c-ares_project:c-ares:1.3.2", "cpe:/o:debian:debian_linux:8.0", "cpe:/a:c-ares_project:c-ares:1.4.0", "cpe:/a:c-ares_project:c-ares:1.5.1", "cpe:/a:c-ares_project:c-ares:1.7.2", "cpe:/a:c-ares_project:c-ares:1.2.1", "cpe:/a:c-ares_project:c-ares:1.2.0", "cpe:/a:c-ares_project:c-ares:1.7.0", 
"cpe:/a:c-ares_project:c-ares:1.9.0", "cpe:/a:c-ares_project:c-ares:1.8.0", "cpe:/a:c-ares_project:c-ares:1.7.3"], "id": "CVE-2016-5180", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5180", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "cpe:2.3:a:c-ares_project:c-ares:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:c-ares_project:c-ares:1.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:c-ares_project:c-ares:1.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:c-ares_project:c-ares:1.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:c-ares_project:c-ares:1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:c-ares_project:c-ares:1.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:c-ares_project:c-ares:1.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:c-ares_project:c-ares:1.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:c-ares_project:c-ares:1.7.5:*:*:*:*:*:*:*", "cpe:2.3:a:c-ares_project:c-ares:1.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:c-ares_project:c-ares:1.10.0:*:*:*:*:*:*:*", "cpe:2.3:a:c-ares_project:c-ares:1.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:c-ares_project:c-ares:1.11.0:*:*:*:*:*:*:*", "cpe:2.3:a:c-ares_project:c-ares:1.7.3:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "cpe:2.3:a:c-ares_project:c-ares:1.7.4:*:*:*:*:*:*:*", "cpe:2.3:a:c-ares_project:c-ares:1.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:c-ares_project:c-ares:1.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:c-ares_project:c-ares:1.5.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "cpe:2.3:a:c-ares_project:c-ares:1.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:c-ares_project:c-ares:1.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:c-ares_project:c-ares:1.5.2:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:c-ares_project:c-ares:1.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:c-ares_project:c-ares:1.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:c-ares_project:c-ares:1.4.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:16.10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-08T15:37:41", "description": "A denial of service vulnerability in core networking could 
enable a remote attacker to use specially crafted network packet to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1. Android ID: A-31850211.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2017-0389", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-0389"], "modified": "2017-01-18T02:59:00", "cpe": ["cpe:/o:google:android:6.0.1", "cpe:/o:google:android:6.0", "cpe:/o:google:android:7.0", "cpe:/o:google:android:7.1.0"], "id": "CVE-2017-0389", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0389", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:7.1.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:32", "description": "An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute 
arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-32402179. References: N-CVE-2016-8431.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8431", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8431"], "modified": "2017-01-18T02:59:00", "cpe": ["cpe:/o:linux:linux_kernel:3.18"], "id": "CVE-2016-8431", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8431", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.18:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:43", "description": "An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. 
This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-32450261. References: QC-CR#1007860.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8436", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8436"], "modified": "2017-01-18T02:59:00", "cpe": ["cpe:/o:linux:linux_kernel:3.18", "cpe:/o:google:android:6.0.1"], "id": "CVE-2016-8436", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8436", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.18:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:33", "description": "An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. 
This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-32225180. References: N-CVE-2016-8430.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8430", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8430"], "modified": "2017-10-19T01:30:00", "cpe": ["cpe:/o:linux:linux_kernel:3.10"], "id": "CVE-2016-8430", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8430", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:17:39", "description": "The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys 
file.", "cvss3": {"exploitabilityScore": 2.5, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.2, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-10-16T21:59:00", "type": "cve", "title": "CVE-2016-7042", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7042"], "modified": "2018-01-05T02:31:00", "cpe": ["cpe:/o:linux:linux_kernel:4.8.2"], "id": "CVE-2016-7042", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7042", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:4.8.2:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:31", "description": "An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-31799206. 
References: N-CVE-2016-8426.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8426", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8426"], "modified": "2017-10-19T01:30:00", "cpe": ["cpe:/o:linux:linux_kernel:3.10"], "id": "CVE-2016-8426", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8426", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:35", "description": "An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32174590. 
References: B-RB#107142.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.0, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8454", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8454"], "modified": "2017-01-18T02:59:00", "cpe": ["cpe:/o:linux:linux_kernel:3.18", "cpe:/o:linux:linux_kernel:3.10"], "id": "CVE-2016-8454", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8454", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:33", "description": "An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-32700935. 
References: N-CVE-2016-8435.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.0, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8435", "cwe": ["CWE-284"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8435"], "modified": "2017-01-18T02:59:00", "cpe": ["cpe:/o:linux:linux_kernel:3.18"], "id": "CVE-2016-8435", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8435", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.18:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-08T15:38:10", "description": "An information disclosure vulnerability in Audioserver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. 
Android IDs: A-32438594, A-32635664.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2017-01-13T16:59:00", "type": "cve", "title": "CVE-2017-0398", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-0398"], "modified": "2017-01-18T14:58:00", "cpe": ["cpe:/o:google:android:6.0", "cpe:/o:google:android:7.1.0", "cpe:/o:google:android:6.0.1", "cpe:/o:google:android:4.4.4", "cpe:/o:google:android:7.0", "cpe:/o:google:android:5.1.1"], "id": "CVE-2017-0398", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0398", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:7.1.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.4.4:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:31", "description": "An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. 
This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-31799885. References: N-CVE-2016-8427.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8427", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8427"], "modified": "2017-10-19T01:30:00", "cpe": ["cpe:/o:linux:linux_kernel:3.10"], "id": "CVE-2016-8427", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8427", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:30", "description": "An elevation of privilege vulnerability in the Qualcomm camera could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. 
Android ID: A-31225246. References: QC-CR#1071891.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.0, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8412", "cwe": ["CWE-284"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8412"], "modified": "2017-01-18T02:59:00", "cpe": ["cpe:/o:linux:linux_kernel:3.18", "cpe:/o:linux:linux_kernel:3.10"], "id": "CVE-2016-8412", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8412", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:33", "description": "An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-31750190. 
References: MT-ALPS02974192.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8433", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8433"], "modified": "2017-01-18T02:59:00", "cpe": ["cpe:/o:google:android:7.1.0"], "id": "CVE-2016-8433", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8433", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:google:android:7.1.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-08T15:37:43", "description": "An information disclosure vulnerability in lvm/wrapper/Bundle/EffectBundle.cpp in libeffects in the Qualcomm audio post processor could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. 
Android ID: A-32588756.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2017-0399", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-0399"], "modified": "2019-03-12T18:07:00", "cpe": ["cpe:/o:google:android:6.0.1", "cpe:/o:google:android:4.4.4", "cpe:/o:google:android:7.0", "cpe:/o:google:android:5.0.2", "cpe:/o:google:android:7.1.1", "cpe:/o:google:android:5.1.1"], "id": "CVE-2017-0399", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0399", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:7.1.1:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:33", "description": "An elevation of privilege vulnerability in the Qualcomm GPU driver could enable a local malicious application to execute arbitrary code within the context of the 
kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-32125137. References: QC-CR#1081855.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.0, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8434", "cwe": ["CWE-284"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8434"], "modified": "2017-01-18T02:59:00", "cpe": ["cpe:/o:linux:linux_kernel:3.10"], "id": "CVE-2016-8434", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8434", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-08T15:37:44", "description": "An elevation of privilege vulnerability in the kernel sound subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. 
Android ID: A-32510733.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.0, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2017-0404", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-0404"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/o:linux:linux_kernel:3.18", "cpe:/o:linux:linux_kernel:3.10"], "id": "CVE-2017-0404", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0404", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:33", "description": "An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-31797770. 
References: N-CVE-2016-8425.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8425", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8425"], "modified": "2017-10-19T01:30:00", "cpe": ["cpe:/o:linux:linux_kernel:3.10"], "id": "CVE-2016-8425", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8425", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:34", "description": "An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31791148. 
References: MT-ALPS02982181.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.0, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8448", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8448"], "modified": "2017-01-18T02:59:00", "cpe": ["cpe:/o:google:android:7.1.0"], "id": "CVE-2016-8448", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8448", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:google:android:7.1.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:33", "description": "An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-32447738. 
References: N-CVE-2016-8432.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8432", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8432"], "modified": "2017-01-18T02:59:00", "cpe": ["cpe:/o:linux:linux_kernel:3.18"], "id": "CVE-2016-8432", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8432", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.18:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:32", "description": "An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-32160775. 
References: N-CVE-2016-8429.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8429", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8429"], "modified": "2017-10-19T01:30:00", "cpe": ["cpe:/o:linux:linux_kernel:3.10"], "id": "CVE-2016-8429", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8429", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:32", "description": "Improper input validation in Access Control APIs. Access control API may return memory range checking incorrectly. Product: Android. Versions: Kernel 3.18. Android ID: A-31623057. 
References: QC-CR#1009695.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8437", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8437"], "modified": "2017-01-18T02:59:00", "cpe": ["cpe:/o:linux:linux_kernel:3.18"], "id": "CVE-2016-8437", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8437", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.18:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:32", "description": "An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-31399736. 
References: QC-CR#1000546.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8423", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8423"], "modified": "2017-01-18T02:59:00", "cpe": ["cpe:/o:google:android:7.1.0"], "id": "CVE-2016-8423", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8423", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:google:android:7.1.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:32", "description": "An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-31606947. 
References: N-CVE-2016-8424.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8424", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8424"], "modified": "2017-10-19T01:30:00", "cpe": ["cpe:/o:linux:linux_kernel:3.10"], "id": "CVE-2016-8424", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8424", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:36", "description": "An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32506396. 
References: QC-CR#1050323.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.0, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8452", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8452"], "modified": "2017-01-18T02:59:00", "cpe": ["cpe:/o:linux:linux_kernel:3.18", "cpe:/o:linux:linux_kernel:3.10"], "id": "CVE-2016-8452", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8452", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.18:*:*:*:*:*:*:*", "cpe:2.3:o:linux:linux_kernel:3.10:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:34", "description": "Possible buffer overflow in the hypervisor. Inappropriate usage of a static array could lead to a buffer overrun. Product: Android. Versions: Kernel 3.18. Android ID: A-31625904. 
References: QC-CR#1027769.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8441", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8441"], "modified": "2017-01-24T00:00:00", "cpe": ["cpe:/o:linux:linux_kernel:3.18"], "id": "CVE-2016-8441", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8441", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.18:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-08T15:37:42", "description": "An elevation of privilege vulnerability in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. 
Android ID: A-32660278.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2017-0387", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-0387"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/o:google:android:6.0", "cpe:/o:google:android:5.1.0", "cpe:/o:google:android:7.1.0", "cpe:/o:google:android:6.0.1", "cpe:/o:google:android:5.1", "cpe:/o:google:android:5.0.1", "cpe:/o:google:android:7.0", "cpe:/o:google:android:5.0.2", "cpe:/o:google:android:5.0", "cpe:/o:google:android:5.1.1"], "id": "CVE-2017-0387", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0387", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:7.1.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*", 
"cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:5.1.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:35", "description": "An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31749463. References: MT-ALPS02968886.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.0, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8447", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8447"], "modified": "2017-01-18T02:59:00", "cpe": ["cpe:/o:google:android:7.1.0"], "id": "CVE-2016-8447", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8447", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:google:android:7.1.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:32", "description": "An elevation of privilege vulnerability in the Qualcomm 
bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-31471220. References: QC-CR#979426.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8422", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8422"], "modified": "2017-01-18T02:59:00", "cpe": ["cpe:/o:google:android:7.1.0"], "id": "CVE-2016-8422", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8422", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:google:android:7.1.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:13:50", "description": "Buffer overflow in the Qualcomm radio driver in Android before 2017-01-05 on Android One devices allows local users to gain privileges via a crafted application, aka Android internal bug 32639452 and Qualcomm internal bug 
CR1079713.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.0, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-01-23T01:29:00", "type": "cve", "title": "CVE-2016-5345", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5345"], "modified": "2018-02-12T18:08:00", "cpe": ["cpe:/o:google:android:-"], "id": "CVE-2016-5345", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-5345", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:google:android:-:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:33", "description": "Possible unauthorized memory access in the hypervisor. Lack of input validation could allow hypervisor memory to be accessed by the HLOS. Product: Android. Versions: Kernel 3.18. Android ID: A-31625910. 
QC-CR#1038173.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8442", "cwe": ["CWE-20"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8442"], "modified": "2017-01-24T00:02:00", "cpe": ["cpe:/o:linux:linux_kernel:3.18"], "id": "CVE-2016-8442", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8442", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:o:linux:linux_kernel:3.18:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-08T15:37:42", "description": "A denial of service vulnerability in VBRISeeker.cpp in libstagefright in Mediaserver could enable a remote attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. 
Android ID: A-32577290.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2017-0392", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-0392"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/o:google:android:5.1.0", "cpe:/o:google:android:4.0.1", "cpe:/o:google:android:4.4", "cpe:/o:google:android:4.4.4", "cpe:/o:google:android:5.0.2", "cpe:/o:google:android:4.0.3", "cpe:/o:google:android:4.0.4", "cpe:/o:google:android:5.0", "cpe:/o:google:android:4.4.3", "cpe:/o:google:android:4.0", "cpe:/o:google:android:6.0", "cpe:/o:google:android:5.1.1", "cpe:/o:google:android:5.1", "cpe:/o:google:android:4.2.1", "cpe:/o:google:android:4.1.2", "cpe:/o:google:android:4.1", "cpe:/o:google:android:4.2", "cpe:/o:google:android:4.4.1", "cpe:/o:google:android:4.0.2", "cpe:/o:google:android:4.3.1", "cpe:/o:google:android:7.1.0", "cpe:/o:google:android:4.4.2", "cpe:/o:google:android:6.0.1", "cpe:/o:google:android:5.0.1", "cpe:/o:google:android:7.0", "cpe:/o:google:android:4.3", "cpe:/o:google:android:4.2.2"], "id": "CVE-2017-0392", "href": 
"https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0392", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.3.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.2:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.4.2:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.4.4:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:5.1.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:7.1.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.4:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.0.3:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.1.2:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.4.3:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.0.4:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.3:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.2.2:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.2.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.4.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:4.0.2:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-08T15:37:40", "description": "A remote code execution vulnerability in the Framesequence library could enable an attacker using a specially crafted file to execute arbitrary code in the context of an unprivileged process. This issue is rated as High due to the possibility of remote code execution in an application that uses the Framesequence library. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. 
Android ID: A-32338390.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2017-0382", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-0382"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/o:google:android:6.0", "cpe:/o:google:android:5.1.0", "cpe:/o:google:android:7.1.0", "cpe:/o:google:android:6.0.1", "cpe:/o:google:android:5.1", "cpe:/o:google:android:5.0.1", "cpe:/o:google:android:7.0", "cpe:/o:google:android:5.0.2", "cpe:/o:google:android:5.0", "cpe:/o:google:android:5.1.1"], "id": "CVE-2017-0382", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0382", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:7.1.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*", 
"cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:5.1.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-08T15:37:49", "description": "A denial of service vulnerability in Telephony could enable a remote attacker to cause a device hang or reboot. This issue is rated as High due to the possibility of remote denial of service. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. Android ID: A-31752213.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2017-0394", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-0394"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/o:google:android:6.0", "cpe:/o:google:android:5.1.0", "cpe:/o:google:android:7.1.0", "cpe:/o:google:android:6.0.1", "cpe:/o:google:android:5.1", "cpe:/o:google:android:5.0.1", "cpe:/o:google:android:7.0", "cpe:/o:google:android:5.0.2", "cpe:/o:google:android:5.0", "cpe:/o:google:android:5.1.1"], "id": "CVE-2017-0394", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-0394", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "cpe23": 
["cpe:2.3:o:google:android:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:5.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:7.1.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:5.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*", "cpe:2.3:o:google:android:5.1.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-02-09T14:20:37", "description": "An information disclosure vulnerability in the MediaTek driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-31531758. References: MT-ALPS02961384.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 4.7, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2017-01-12T20:59:00", "type": "cve", "title": "CVE-2016-8472", "cwe": ["CWE-200"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8472"], "modified": "2017-01-18T02:59:00", "cpe": ["cpe:/o:google:android:7.1.0"], "id": 
"CVE-2016-8472", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8472", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:google:android:7.1.0:*:*:*:*:*:*:*"]}], "ubuntucve": [{"lastseen": "2023-01-18T14:37:50", "description": "The ring_buffer_resize function in kernel/trace/ring_buffer.c in the\nprofiling subsystem in the Linux kernel before 4.6.1 mishandles certain\ninteger calculations, which allows local users to gain privileges by\nwriting to the /sys/kernel/debug/tracing/buffer_size_kb file.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2017-01-05T00:00:00", "type": "ubuntucve", "title": "CVE-2016-9754", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9754"], "modified": "2017-01-05T00:00:00", "id": "UB:CVE-2016-9754", "href": 
"https://ubuntu.com/security/CVE-2016-9754", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-26T15:28:29", "description": "Use-after-free vulnerability in the path_openat function in fs/namei.c in\nthe Linux kernel 3.x and 4.x before 4.0.4 allows local users to cause a\ndenial of service or possibly have unspecified other impact via O_TMPFILE\nfilesystem operations that leverage a duplicate cleanup operation.\n\n#### Bugs\n\n * <https://launchpad.net/bugs/1484797>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support\n", "cvss3": {}, "published": "2015-08-03T00:00:00", "type": "ubuntucve", "title": "CVE-2015-5706", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5706"], "modified": "2015-08-03T00:00:00", "id": "UB:CVE-2015-5706", "href": "https://ubuntu.com/security/CVE-2015-5706", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-15T15:21:56", "description": "mm/memory.c in the Linux kernel before 4.1.4 mishandles anonymous pages,\nwhich allows local users to gain privileges or cause a denial of service\n(page tainting) via a crafted application that triggers writing to page\nzero.\n\n#### Bugs\n\n * <https://launchpad.net/bugs/1580370>\n\n\n#### 
Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-10-16T00:00:00", "type": "ubuntucve", "title": "CVE-2015-3288", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3288"], "modified": "2016-10-16T00:00:00", "id": "UB:CVE-2015-3288", "href": "https://ubuntu.com/security/CVE-2015-3288", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-04T14:06:19", "description": "An elevation of privilege vulnerability in the bootloader could enable a\nlocal attacker to execute arbitrary modem commands on the device. This\nissue is rated as High because it is a local permanent denial of service\n(device interoperability: completely permanent or requiring re-flashing the\nentire operating system). Product: Android. Versions: N/A. 
Android ID:\nA-30308784.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2017-01-13T00:00:00", "type": "ubuntucve", "title": "CVE-2016-8467", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8467"], "modified": "2017-01-13T00:00:00", "id": "UB:CVE-2016-8467", "href": "https://ubuntu.com/security/CVE-2016-8467", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-16T15:41:08", "description": "The rock_continue function in fs/isofs/rock.c in the Linux kernel through\n3.18.1 does not restrict the number of Rock Ridge continuation entries,\nwhich allows local users to cause a denial of service (infinite loop, and\nsystem crash or hang) via a crafted iso9660 image.\n\n#### Bugs\n\n * <https://launchpad.net/bugs/1407947>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.04 preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support\n", "cvss3": {}, "published": "2014-12-25T00:00:00", "type": 
"ubuntucve", "title": "CVE-2014-9420", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9420"], "modified": "2014-12-25T00:00:00", "id": "UB:CVE-2014-9420", "href": "https://ubuntu.com/security/CVE-2014-9420", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-08-04T14:06:24", "description": "A denial of service vulnerability in Tremolo/dpen.s in Mediaserver could\nenable a remote attacker to use a specially crafted file to cause a device\nhang or reboot. This issue is rated as High due to the possibility of\nremote denial of service. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1,\n6.0, 6.0.1, 7.0, 7.1. 
Android ID: A-31647370.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2017-01-12T00:00:00", "type": "ubuntucve", "title": "CVE-2017-0390", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-0390"], "modified": "2017-01-12T00:00:00", "id": "UB:CVE-2017-0390", "href": "https://ubuntu.com/security/CVE-2017-0390", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-08-17T13:58:05", "description": "Heap-based buffer overflow in the ares_create_query function in c-ares 1.x\nbefore 1.12.0 allows remote attackers to cause a denial of service\n(out-of-bounds write) or possibly execute arbitrary code via a hostname\nwith an escaped trailing dot.\n\n#### Bugs\n\n * <https://bugs.launchpad.net/ubuntu/+source/c-ares/+bug/1629085>\n * <https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839151>\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": 
"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-10-03T00:00:00", "type": "ubuntucve", "title": "CVE-2016-5180", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5180"], "modified": "2016-10-03T00:00:00", "id": "UB:CVE-2016-5180", "href": "https://ubuntu.com/security/CVE-2016-5180", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-04T14:08:20", "description": "The proc_keys_show function in security/keys/proc.c in the Linux kernel\nthrough 4.8.2, when the GNU Compiler Collection (gcc) stack protector is\nenabled, uses an incorrect buffer size for certain timeout data, which\nallows local users to cause a denial of service (stack memory corruption\nand panic) by reading the /proc/keys file.\n\n#### Notes\n\nAuthor| Note \n---|--- \n[jdstrand](<https://launchpad.net/~jdstrand>) | android kernels (flo, goldfish, grouper, maguro, mako and manta) are not supported on the Ubuntu Touch 14.10 and earlier preview kernels linux-lts-saucy no longer receives official support linux-lts-quantal no longer receives official support \n[sbeattie](<https://launchpad.net/~sbeattie>) | fix is commit 03dab869b7b239c4e013ec82aea22e181e441cfc\n", "cvss3": {"exploitabilityScore": 2.5, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", 
"privilegesRequired": "NONE", "baseScore": 6.2, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-10-16T00:00:00", "type": "ubuntucve", "title": "CVE-2016-7042", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7042"], "modified": "2016-10-16T00:00:00", "id": "UB:CVE-2016-7042", "href": "https://ubuntu.com/security/CVE-2016-7042", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2022-08-04T14:06:23", "description": "An elevation of privilege vulnerability in Mediaserver could enable a local\nmalicious application to execute arbitrary code within the context of a\nprivileged process. This issue is rated as High because it could be used to\ngain local access to elevated capabilities, which are not normally\naccessible to a third-party application. Product: Android. Versions: 5.0.2,\n5.1.1, 6.0, 6.0.1, 7.0, 7.1. 
Android ID: A-32660278.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-01-12T00:00:00", "type": "ubuntucve", "title": "CVE-2017-0387", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-0387"], "modified": "2017-01-12T00:00:00", "id": "UB:CVE-2017-0387", "href": "https://ubuntu.com/security/CVE-2017-0387", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-04T14:06:23", "description": "A denial of service vulnerability in VBRISeeker.cpp in libstagefright in\nMediaserver could enable a remote attacker to use a specially crafted file\nto cause a device hang or reboot. This issue is rated as High due to the\npossibility of remote denial of service. Product: Android. Versions: 4.4.4,\n5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1. 
Android ID: A-32577290.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 5.5, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2017-01-12T00:00:00", "type": "ubuntucve", "title": "CVE-2017-0392", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-0392"], "modified": "2017-01-12T00:00:00", "id": "UB:CVE-2017-0392", "href": "https://ubuntu.com/security/CVE-2017-0392", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}], "redhatcve": [{"lastseen": "2021-07-29T10:40:45", "description": "An integer overflow vulnerability was found in the ring_buffer_resize() calculations in which a privileged user can adjust the size of the ringbuffer message size. These calculations can create an issue where the kernel memory allocator will not allocate the correct count of pages yet expect them to be usable. 
This can lead to the ftrace() output to appear to corrupt kernel memory and possibly be used for privileged escalation or more likely kernel panic.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-05T11:17:26", "type": "redhatcve", "title": "CVE-2016-9754", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9754"], "modified": "2020-04-14T19:04:38", "id": "RH:CVE-2016-9754", "href": "https://access.redhat.com/security/cve/cve-2016-9754", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-11-09T01:50:55", "description": "A vulnerability was found in c-ares. A hostname with an escaped trailing dot (such as \"hello\\\\.\") would have its size calculated incorrectly, leading to a single byte written beyond the end of a buffer on the heap. 
An attacker able to provide such a hostname to an application using c-ares, could potentially cause that application to crash.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-09-29T16:47:23", "type": "redhatcve", "title": "CVE-2016-5180", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5180"], "modified": "2021-11-08T23:42:36", "id": "RH:CVE-2016-5180", "href": "https://access.redhat.com/security/cve/cve-2016-5180", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-01-21T00:10:51", "description": "It was found that when the gcc stack protector was enabled, reading the /proc/keys file could cause a panic in the Linux kernel due to stack corruption. 
This happened because an incorrect buffer size was used to hold a 64-bit timeout value rendered as weeks.\n", "cvss3": {"exploitabilityScore": 2.5, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.2, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2016-10-13T13:17:40", "type": "redhatcve", "title": "CVE-2016-7042", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7042"], "modified": "2022-01-20T21:49:55", "id": "RH:CVE-2016-7042", "href": "https://access.redhat.com/security/cve/cve-2016-7042", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-09-02T22:51:51", "description": "An elevation of privilege vulnerability in the kernel sound subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. 
Android ID: A-32510733.\n", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-31T09:18:18", "type": "redhatcve", "title": "CVE-2017-0404", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-0404"], "modified": "2020-04-14T19:05:30", "id": "RH:CVE-2017-0404", "href": "https://access.redhat.com/security/cve/cve-2017-0404", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}], "debiancve": [{"lastseen": "2023-03-19T22:09:48", "description": "The ring_buffer_resize function in kernel/trace/ring_buffer.c in the profiling subsystem in the Linux kernel before 4.6.1 mishandles certain integer calculations, which allows local users to gain privileges by writing to the /sys/kernel/debug/tracing/buffer_size_kb file.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, 
"impactScore": 5.9}, "published": "2017-01-05T11:59:00", "type": "debiancve", "title": "CVE-2016-9754", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-9754"], "modified": "2017-01-05T11:59:00", "id": "DEBIANCVE:CVE-2016-9754", "href": "https://security-tracker.debian.org/tracker/CVE-2016-9754", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-19T22:09:46", "description": "Use-after-free vulnerability in the path_openat function in fs/namei.c in the Linux kernel 3.x and 4.x before 4.0.4 allows local users to cause a denial of service or possibly have unspecified other impact via O_TMPFILE filesystem operations that leverage a duplicate cleanup operation.", "cvss3": {}, "published": "2015-08-31T10:59:00", "type": "debiancve", "title": "CVE-2015-5706", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5706"], "modified": "2015-08-31T10:59:00", "id": "DEBIANCVE:CVE-2015-5706", "href": "https://security-tracker.debian.org/tracker/CVE-2015-5706", "cvss": {"score": 4.6, "vector": 
"AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-03-19T22:09:46", "description": "mm/memory.c in the Linux kernel before 4.1.4 mishandles anonymous pages, which allows local users to gain privileges or cause a denial of service (page tainting) via a crafted application that triggers writing to page zero.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-10-16T21:59:00", "type": "debiancve", "title": "CVE-2015-3288", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3288"], "modified": "2016-10-16T21:59:00", "id": "DEBIANCVE:CVE-2015-3288", "href": "https://security-tracker.debian.org/tracker/CVE-2015-3288", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-03-19T22:09:45", "description": "The rock_continue function in fs/isofs/rock.c in the Linux kernel through 3.18.1 does not restrict the number of Rock Ridge continuation entries, which allows local users to cause a denial of service (infinite loop, and system crash or hang) via a crafted iso9660 image.", "cvss3": {}, "published": "2014-12-26T00:59:00", "type": "debiancve", "title": "CVE-2014-9420", 
"bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-9420"], "modified": "2014-12-26T00:59:00", "id": "DEBIANCVE:CVE-2014-9420", "href": "https://security-tracker.debian.org/tracker/CVE-2014-9420", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-28T06:05:41", "description": "Heap-based buffer overflow in the ares_create_query function in c-ares 1.x before 1.12.0 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly execute arbitrary code via a hostname with an escaped trailing dot.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2016-10-03T15:59:00", "type": "debiancve", "title": "CVE-2016-5180", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": 
"NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5180"], "modified": "2016-10-03T15:59:00", "id": "DEBIANCVE:CVE-2016-5180", "href": "https://security-tracker.debian.org/tracker/CVE-2016-5180", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-03-19T22:09:48", "description": "The proc_keys_show function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection (gcc) stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service (stack memory corruption and panic) by reading the /proc/keys file.", "cvss3": {"exploitabilityScore": 2.5, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.2, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2016-10-16T21:59:00", "type": "debiancve", "title": "CVE-2016-7042", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-7042"], "modified": "2016-10-16T21:59:00", "id": "DEBIANCVE:CVE-2016-7042", "href": "https://security-tracker.debian.org/tracker/CVE-2016-7042", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-03-19T22:09:48", "description": "An elevation of privilege vulnerability 
in the kernel sound subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32510733.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.0, "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2017-01-12T20:59:00", "type": "debiancve", "title": "CVE-2017-0404", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.6, "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-0404"], "modified": "2017-01-12T20:59:00", "id": "DEBIANCVE:CVE-2017-0404", "href": "https://security-tracker.debian.org/tracker/CVE-2017-0404", "cvss": {"score": 7.6, "vector": "AV:N/AC:H/Au:N/C:C/I:C/A:C"}}], "android": [{"lastseen": "2021-07-28T14:34:37", "description": "Use-after-free vulnerability in the path_openat function in fs/namei.c in the Linux kernel 3.x and 4.x before 4.0.4 allows local users to cause a denial of service or possibly have unspecified other impact via O_TMPFILE filesystem operations that leverage a duplicate cleanup operation.", "cvss3": {}, "published": "2017-01-01T00:00:00", "type": "android", "title": "CVE-2015-5706", 
"bulletinFamily": "software", "hackapp": {}, "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 4.6, "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-5706"], "modified": "2019-07-26T00:00:00", "id": "ANDROID:CVE-2015-5706", "href": "http://www.androidvulnerabilities.org/vulnerabilities/CVE-2015-5706.html", "sourceData": "", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-07-28T14:34:36", "description": "An elevation of privilege vulnerability in the NVIDIA GPU driver. Product: Android. Versions: Android kernel. Android ID: A-31799863. References: N-CVE-2016-8482.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-01T00:00:00", "type": "android", "title": "CVE-2016-8482", "bulletinFamily": "software", "hackapp": {}, "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, 
"obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8482"], "modified": "2019-07-26T00:00:00", "id": "ANDROID:CVE-2016-8482", "href": "http://www.androidvulnerabilities.org/vulnerabilities/CVE-2016-8482.html", "sourceData": "", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:34:29", "description": "mm/memory.c in the Linux kernel before 4.1.4 mishandles anonymous pages, which allows local users to gain privileges or cause a denial of service (page tainting) via a crafted application that triggers writing to page zero.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-01T00:00:00", "type": "android", "title": "CVE-2015-3288", "bulletinFamily": "software", "hackapp": {}, "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-3288"], "modified": "2019-07-26T00:00:00", "id": "ANDROID:CVE-2015-3288", "href": "http://www.androidvulnerabilities.org/vulnerabilities/CVE-2015-3288.html", "sourceData": "", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:34:36", "description": "Integer overflow leading to a TOCTOU condition in hypervisor PIL. 
An integer overflow exposes a race condition that may be used to bypass (Peripheral Image Loader) PIL authentication. Product: Android. Versions: Kernel 3.18. Android ID: A-31624565. References: QC-CR#1023638.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-01T00:00:00", "type": "android", "title": "CVE-2016-8438", "bulletinFamily": "software", "hackapp": {}, "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8438"], "modified": "2019-07-30T00:00:00", "id": "ANDROID:CVE-2016-8438", "href": "http://www.androidvulnerabilities.org/vulnerabilities/CVE-2016-8438.html", "sourceData": "", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:34:36", "description": "Possible unauthorized memory access in the hypervisor. Incorrect configuration provides access to subsystem page tables. Product: Android. Versions: Kernel 3.18. Android ID: A-32576499. 
References: QC-CR#964185.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-01T00:00:00", "type": "android", "title": "CVE-2016-8443", "bulletinFamily": "software", "hackapp": {}, "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8443"], "modified": "2019-07-30T00:00:00", "id": "ANDROID:CVE-2016-8443", "href": "http://www.androidvulnerabilities.org/vulnerabilities/CVE-2016-8443.html", "sourceData": "", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:34:40", "description": "An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-32402179. 
References: N-CVE-2016-8431.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-01T00:00:00", "type": "android", "title": "CVE-2016-8431", "bulletinFamily": "software", "hackapp": {}, "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8431"], "modified": "2019-07-26T00:00:00", "id": "ANDROID:CVE-2016-8431", "href": "http://www.androidvulnerabilities.org/vulnerabilities/CVE-2016-8431.html", "sourceData": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:34:36", "description": "An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-32450261. 
References: QC-CR#1007860.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-01T00:00:00", "type": "android", "title": "CVE-2016-8436", "bulletinFamily": "software", "hackapp": {}, "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8436"], "modified": "2019-07-26T00:00:00", "id": "ANDROID:CVE-2016-8436", "href": "http://www.androidvulnerabilities.org/vulnerabilities/CVE-2016-8436.html", "sourceData": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:34:40", "description": "An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-32225180. 
References: N-CVE-2016-8430.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-01T00:00:00", "type": "android", "title": "CVE-2016-8430", "bulletinFamily": "software", "hackapp": {}, "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8430"], "modified": "2019-07-26T00:00:00", "id": "ANDROID:CVE-2016-8430", "href": "http://www.androidvulnerabilities.org/vulnerabilities/CVE-2016-8430.html", "sourceData": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:34:40", "description": "An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-31799206. 
References: N-CVE-2016-8426.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-01T00:00:00", "type": "android", "title": "CVE-2016-8426", "bulletinFamily": "software", "hackapp": {}, "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8426"], "modified": "2019-07-26T00:00:00", "id": "ANDROID:CVE-2016-8426", "href": "http://www.androidvulnerabilities.org/vulnerabilities/CVE-2016-8426.html", "sourceData": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:34:36", "description": "An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-32700935. 
References: N-CVE-2016-8435.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-01T00:00:00", "type": "android", "title": "CVE-2016-8435", "bulletinFamily": "software", "hackapp": {}, "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8435"], "modified": "2019-07-26T00:00:00", "id": "ANDROID:CVE-2016-8435", "href": "http://www.androidvulnerabilities.org/vulnerabilities/CVE-2016-8435.html", "sourceData": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:34:40", "description": "An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-31799885. 
References: N-CVE-2016-8427.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-01T00:00:00", "type": "android", "title": "CVE-2016-8427", "bulletinFamily": "software", "hackapp": {}, "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8427"], "modified": "2019-07-26T00:00:00", "id": "ANDROID:CVE-2016-8427", "href": "http://www.androidvulnerabilities.org/vulnerabilities/CVE-2016-8427.html", "sourceData": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:34:41", "description": "An elevation of privilege vulnerability in the MediaTek driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-31750190. 
References: MT-ALPS02974192.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-01T00:00:00", "type": "android", "title": "CVE-2016-8433", "bulletinFamily": "software", "hackapp": {}, "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8433"], "modified": "2019-07-26T00:00:00", "id": "ANDROID:CVE-2016-8433", "href": "http://www.androidvulnerabilities.org/vulnerabilities/CVE-2016-8433.html", "sourceData": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:34:36", "description": "An elevation of privilege vulnerability in the Qualcomm GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-32125137. 
References: QC-CR#1081855.", "cvss3": {"exploitabilityScore": 1.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.0, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-01T00:00:00", "type": "android", "title": "CVE-2016-8434", "bulletinFamily": "software", "hackapp": {}, "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8434"], "modified": "2019-07-26T00:00:00", "id": "ANDROID:CVE-2016-8434", "href": "http://www.androidvulnerabilities.org/vulnerabilities/CVE-2016-8434.html", "sourceData": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:34:40", "description": "An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-31797770. 
References: N-CVE-2016-8425.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-01T00:00:00", "type": "android", "title": "CVE-2016-8425", "bulletinFamily": "software", "hackapp": {}, "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8425"], "modified": "2019-07-26T00:00:00", "id": "ANDROID:CVE-2016-8425", "href": "http://www.androidvulnerabilities.org/vulnerabilities/CVE-2016-8425.html", "sourceData": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:34:41", "description": "An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.18. Android ID: A-32447738. 
References: N-CVE-2016-8432.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-01T00:00:00", "type": "android", "title": "CVE-2016-8432", "bulletinFamily": "software", "hackapp": {}, "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8432"], "modified": "2019-07-26T00:00:00", "id": "ANDROID:CVE-2016-8432", "href": "http://www.androidvulnerabilities.org/vulnerabilities/CVE-2016-8432.html", "sourceData": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:34:40", "description": "An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-32160775. 
References: N-CVE-2016-8429.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-01T00:00:00", "type": "android", "title": "CVE-2016-8429", "bulletinFamily": "software", "hackapp": {}, "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8429"], "modified": "2019-07-26T00:00:00", "id": "ANDROID:CVE-2016-8429", "href": "http://www.androidvulnerabilities.org/vulnerabilities/CVE-2016-8429.html", "sourceData": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:34:40", "description": "An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-31399736. 
References: QC-CR#1000546.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-01T00:00:00", "type": "android", "title": "CVE-2016-8423", "bulletinFamily": "software", "hackapp": {}, "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8423"], "modified": "2019-07-26T00:00:00", "id": "ANDROID:CVE-2016-8423", "href": "http://www.androidvulnerabilities.org/vulnerabilities/CVE-2016-8423.html", "sourceData": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:34:40", "description": "An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-31606947. 
References: N-CVE-2016-8424.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-01T00:00:00", "type": "android", "title": "CVE-2016-8424", "bulletinFamily": "software", "hackapp": {}, "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8424"], "modified": "2019-07-26T00:00:00", "id": "ANDROID:CVE-2016-8424", "href": "http://www.androidvulnerabilities.org/vulnerabilities/CVE-2016-8424.html", "sourceData": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:34:40", "description": "An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-31471220. 
References: QC-CR#979426.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-01T00:00:00", "type": "android", "title": "CVE-2016-8422", "bulletinFamily": "software", "hackapp": {}, "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8422"], "modified": "2019-07-26T00:00:00", "id": "ANDROID:CVE-2016-8422", "href": "http://www.androidvulnerabilities.org/vulnerabilities/CVE-2016-8422.html", "sourceData": "", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:34:36", "description": "Possible unauthorized memory access in the hypervisor. Lack of input validation could allow hypervisor memory to be accessed by the HLOS. Product: Android. Versions: Kernel 3.18. Android ID: A-31625910. 
QC-CR#1038173.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2017-01-01T00:00:00", "type": "android", "title": "CVE-2016-8442", "bulletinFamily": "software", "hackapp": {}, "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-8442"], "modified": "2019-07-30T00:00:00", "id": "ANDROID:CVE-2016-8442", "href": "http://www.androidvulnerabilities.org/vulnerabilities/CVE-2016-8442.html", "sourceData": "", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "cert": [{"lastseen": "2021-09-28T17:49:54", "description": "### Overview\n\nASN.1 is a standard representation of data for networking and telecommunications applications. Objective System's ASN1C compiler generates C and C++ code that may be vulnerable to heap overflow.\n\n### Description\n\n[**CWE-122**](<http://cwe.mitre.org/data/definitions/122.html>)**: Heap-based Buffer Overflow - **CVE-2016-5080\n\nASN1C is used to generate high-level-language code from ASN.1 syntax. According to the reporter, the generated C and C++ code from ASN1C may be vulnerable to heap overflow in the generated heap manager's `rtxMemHeapAlloc` function. 
It is currently unclear if a similar vulnerability exists in other output languages such as Java and C#. \n \nA remote unauthenticated attacker may be able to exploit the heap overflow to execute arbitrary code on the underlying system, but the availability of this exploit depends on whether the application utilizes the `rtxMemHeapAlloc` function in an unsafe way. In particular, the application would likely need to process ASN.1 data from untrusted sources to be vulnerable. Developers making use of ASN1C in their products should audit their code to determine if their application is vulnerable. The CVSS score below reflects a worst-case scenario, and may not apply to all instances. \n \nThe researcher has more information available in a [security advisory](<https://github.com/programa-stic/security-advisories/tree/master/ObjSys/CVE-2016-5080>). \n \n--- \n \n### Impact\n\nThe impact may vary depending on how the vulnerable code is used in an application. In the worst case, an application that utilizes ASN.1 data from untrusted sources may be exploited by a remote unauthenticated attacker to execute arbitrary code with permissions of the application (typically root/SYSTEM). \n \n--- \n \n### Solution\n\n**Apply an update** \n \nObjective Systems has released a hotfix for the ASN1C 7.0.1.x series to correct this flaw. Customers using the vulnerable features should contact Objective Systems directly to request the hotfix. Customers may alternatively use a different heap manager, or edit the generated code by hand to remove the heap overflow. \n \nASN1C version 7.0.2 will contain the fix for all customers, but its release date is currently not set. \n \n--- \n \n### Vendor Information\n\nThe vendors listed below were primarily sourced from Objective Systems' customer list. The CERT/CC has no further evidence that any particular vendor is impacted unless marked Affected; vendors are encouraged to reach out to us to clarify their status. 
\n \n--- \n \n790839\n\n### Objective Systems Affected\n\nUpdated: June 20, 2016 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nAffected customers should contact Objective Systems to obtain a hotfix for ASN1C version 7.0.1.x.\n\nThe vulnerability will be fully corrected when version 7.0.2 is released. Currently there is no estimated release date for version 7.0.2.\n\n### Check Point Software Technologies Not Affected\n\nUpdated: July 29, 2016 \n\n**Statement Date: July 28, 2016**\n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Hewlett Packard Enterprise Not Affected\n\nNotified: June 20, 2016 Updated: July 01, 2016 \n\n**Statement Date: June 30, 2016**\n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Honeywell Not Affected\n\nNotified: June 20, 2016 Updated: July 07, 2016 \n\n**Statement Date: July 07, 2016**\n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Huawei Technologies Not Affected\n\nNotified: June 20, 2016 Updated: July 29, 2016 \n\n**Statement Date: July 28, 2016**\n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor 
information regarding this vulnerability.\n\n### Juniper Networks Not Affected\n\nNotified: August 26, 2016 Updated: August 26, 2016 \n\n**Statement Date: August 26, 2016**\n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### QUALCOMM Incorporated Not Affected\n\nNotified: June 20, 2016 Updated: August 22, 2016 \n\n**Statement Date: July 21, 2016**\n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\n`\"We have determined that the products designed by Qualcomm Technologies Inc. (QTI) to interface with the Objective Systems ASN.1 module at issue properly implemented size checks. Thus, the integer overflow vulnerability that can further lead to a heap-based buffer overflow is mitigated and we believe is not exploitable through QTI's implementations.\"`\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Addendum\n\nWhile Qualcomm uses the vulnerable module in their cellular protocol software, current analysis suggests they are not impacted by this vulnerability.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23790839 Feedback>).\n\n### Siemens Not Affected\n\nNotified: July 19, 2016 Updated: July 20, 2016 \n\n**Statement Date: July 20, 2016**\n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### AT&T Unknown\n\nNotified: June 20, 2016 Updated: June 20, 2016 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### Alcatel-Lucent Unknown\n\nNotified: June 20, 2016 Updated: June 20, 2016 \n\n### 
Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### BAE Systems Unknown\n\nNotified: July 19, 2016 Updated: July 19, 2016 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### BT Unknown\n\nNotified: June 20, 2016 Updated: June 20, 2016 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### Booz Allen Hamilton Unknown\n\nNotified: July 19, 2016 Updated: July 19, 2016 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### Broadcom Unknown\n\nNotified: June 20, 2016 Updated: June 20, 2016 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### Cisco Unknown\n\nNotified: June 20, 2016 Updated: June 20, 2016 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### Deutsche Telekom Unknown\n\nNotified: June 20, 2016 Updated: June 20, 2016 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### Entrust Unknown\n\nNotified: July 19, 2016 Updated: July 19, 2016 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### Ericsson Unknown\n\nNotified: June 20, 2016 Updated: June 20, 2016 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### General Dynamics Unknown\n\nNotified: June 20, 2016 Updated: June 20, 2016 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### Google Unknown\n\nNotified: June 
20, 2016 Updated: June 20, 2016 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### Harris Corporation Unknown\n\nNotified: July 19, 2016 Updated: July 19, 2016 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### Hitachi Unknown\n\nNotified: June 20, 2016 Updated: June 20, 2016 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### IBM Corporation Unknown\n\nNotified: June 20, 2016 Updated: June 20, 2016 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### Intel Corporation Unknown\n\nNotified: June 20, 2016 Updated: June 20, 2016 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### Microsoft Corporation Unknown\n\nNotified: June 20, 2016 Updated: June 20, 2016 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### Motorola, Inc. 
Unknown\n\nNotified: June 20, 2016 Updated: June 20, 2016 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### NEC Corporation Unknown\n\nNotified: June 20, 2016 Updated: June 20, 2016 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### Nokia Unknown\n\nNotified: June 20, 2016 Updated: June 20, 2016 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### Panasonic Unknown\n\nNotified: June 20, 2016 Updated: June 20, 2016 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### Polycom Unknown\n\nNotified: June 20, 2016 Updated: June 20, 2016 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### SEIKO EPSON Corp. / Epson America Inc. 
Unknown\n\nNotified: July 19, 2016 Updated: July 19, 2016 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### Samsung Mobile Unknown\n\nNotified: July 21, 2016 Updated: July 21, 2016 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Sony Corporation Unknown\n\nNotified: June 20, 2016 Updated: June 20, 2016 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### TMobile Unknown\n\nNotified: June 20, 2016 Updated: June 20, 2016 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### Unisys Unknown\n\nNotified: June 20, 2016 Updated: June 20, 2016 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### Verizon Unknown\n\nNotified: June 20, 2016 Updated: June 20, 2016 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### Vodafone Group, Inc. 
Unknown\n\nNotified: July 19, 2016 Updated: July 19, 2016 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### CVSS Metrics\n\nGroup | Score | Vector \n---|---|--- \nBase | 9.3 | AV:N/AC:M/Au:N/C:C/I:C/A:C \nTemporal | 7.1 | E:U/RL:TF/RC:C \nEnvironmental | 5.4 | CDP:ND/TD:M/CR:ND/IR:ND/AR:ND \n \n \n\n\n### References\n\n * <https://github.com/programa-stic/security-advisories/tree/master/ObjSys/CVE-2016-5080>\n * <http://www.fundacionsadosky.org.ar/publicaciones/>\n * <http://cwe.mitre.org/data/definitions/122.html>\n * <https://www.ncsc.nl/dienstverlening/response-op-dreigingen-en-incidenten/beveiligingsadviezen/NCSC-2016-0650+1.00+Kwetsbaarheid+verholpen+in+ASN1C.html>\n\n### Acknowledgements\n\nThanks to Lucas Molas and Ivan Arce of Programa STIC at the Fundaci\u00f3n Sadosky for researching and coordinating this vulnerability.\n\nThis document was written by Garret Wassermann.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2016-5080](<http://web.nvd.nist.gov/vuln/detail/CVE-2016-5080>) \n---|--- \n**Date Public:** | 2016-07-18 \n**Date First Published:** | 2016-07-19 \n**Date Last Updated: ** | 2016-08-26 18:07 UTC \n**Document Revision: ** | 53 \n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-07-19T00:00:00", "type": "cert", "title": "Objective Systems ASN1C generates code that contains a heap overflow vulnerability", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, 
"userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5080"], "modified": "2016-08-26T18:07:00", "id": "VU:790839", "href": "https://www.kb.cert.org/vuls/id/790839", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "f5": [{"lastseen": "2017-06-08T00:16:34", "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP AAM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP AFM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP Analytics| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP APM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP ASM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP DNS| None| 12.0.0 - 12.1.0| Not vulnerable| None \nBIG-IP Edge Gateway| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP GTM| None| 11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP Link Controller| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1 
\n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP PEM| None| 12.0.0 - 12.1.0 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP PSM| None| 11.4.0 - 11.4.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP WebAccelerator| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP WOM| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nARX| None| 6.2.0 - 6.4.0| Not vulnerable| None \nEnterprise Manager| None| 3.1.1| Not vulnerable| None \nFirePass| None| 7.0.0| Not vulnerable| None \nBIG-IQ Cloud| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Device| None| 4.2.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nBIG-IQ Centralized Management| None| 5.0.0 \n4.6.0| Not vulnerable| None \nBIG-IQ Cloud and Orchestration| None| 1.0.0| Not vulnerable| None \nF5 iWorkflow| None| 2.0.0| Not vulnerable| None \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nF5 MobileSafe| None| 1.0.0| Not vulnerable| None \nF5 WebSafe| None| 1.0.0| Not vulnerable| None \nTraffix SDC| None| 5.0.0 \n4.0.0 - 4.4.0| Not vulnerable| None\n\nNone\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": 
"3.0"}, "impactScore": 5.9}, "published": "2016-07-26T00:00:00", "type": "f5", "title": "Objective Systems ASN1C Compiler vulnerability CVE-2016-5080", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5080"], "modified": "2016-07-26T00:00:00", "id": "F5:K77323091", "href": "https://support.f5.com/csp/article/K77323091", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2016-07-26T01:04:04", "description": "Vulnerability Recommended Actions\n\nNone\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2016-07-25T00:00:00", "type": "f5", "title": "SOL77323091 - Objective Systems ASN1C Compiler vulnerability CVE-2016-5080", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, 
"obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-5080"], "modified": "2016-07-25T00:00:00", "id": "SOL77323091", "href": "http://support.f5.com/kb/en-us/solutions/public/k/77/sol77323091.html", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2021-06-08T18:45:07", "description": "* Although the software of the affected F5 products contains the vulnerable code, the affected F5 products do not use the vulnerable code in a way that exposes the vulnerability in a standard configuration. An attacker must have local shell access to the affected F5 products to trigger an exploit.\n\nRecommended Action\n\nIf you are running a version listed in the **Versions known to be vulnerable column**, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the Severity values published in the previous table. The Severity values and other security vulnerability parameters are defined in SOL4602: Overview of the F5 security vulnerability response policy.\n\nTo mitigate this vulnerability for affected F5 products, you should permit management access to F5 products only over a secure network, and limit shell access to only tr