Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ibmIBM0C9BE2F3A245999460BB6BC497E21EC27992E79FB4C1D769E6D1CF729AB33300
HistoryJul 25, 2018 - 2:35 p.m.

Security Bulletin: IBM QRadar Network Security is affected by Linux kernel vulnerabilities

2018-07-2514:35:46
www.ibm.com
53

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

JSON

Summary

IBM QRadar Network Security has addressed the following vulnerabilities.

Vulnerability Details

CVEID:CVE-2018-1000004
**DESCRIPTION:*Linux Kernel is vulnerable to a denial of service, caused by a race condition in the sound system. A remote attacker could exploit this vulnerability to cause the system to crash.
CVSS Base Score: 5.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/137756&gt; for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID:CVE-2018-6927
**DESCRIPTION:*Linux Kernel is vulnerable to a denial of service, caused by an integer overflow in the futex_requeue function in kernel/futex.c. By triggering a negative wake or requeue value, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base Score: 7.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/139067&gt; for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2018-5750
**DESCRIPTION:*Linux Kernel could allow a local attacker to obtain sensitive information, caused by a flaw in the acpi_smbus_hc_add function in drivers/acpi/sbshc.c. By reading dmesg data from an SBS HC printk call, an attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/138417&gt; for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)

CVEID:CVE-2017-1000410
**DESCRIPTION:*Linux Kernel could allow a remote attacker to obtain sensitive information, caused by a flaw when processing the incoming of L2CAP commands, ConfigRequest and ConfigResponse messages. By manipulating the code flows that precede the handling of the configuration messages, a remote attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 7.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/136155&gt; for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

CVEID:CVE-2017-1000407
**DESCRIPTION:*Linux Kernel, built with the KVM virtualization(CONFIG_KVM) support, is vulnerable to a denial of service, caused by improper validation of user-supplied input at the diagnostic port. By flooding the diagnostic port 0x80, a remote authenticated attacker could exploit this vulnerability to cause the system to crash.
CVSS Base Score: 6.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/136235&gt; for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2017-1000252
**DESCRIPTION:*Linux Kernel is vulnerable to a denial of service, caused by an assertion failure in the KVM subsystem in arch/x86/kvm/vmx.c and virt/kvm/eventfd.c. By using a specially-crafted guest_irq value, a local authenticated attacker could exploit this vulnerability to cause the hypervisor hang or crash.
CVSS Base Score: 5.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/132620&gt; for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2017-18203
**DESCRIPTION:*Linux Kernel is vulnerable to a denial of service, caused by a flaw in the dm_get_from_kobject function in drivers/md/dm.c. By leveraging a race condition with __dm_destroy during creation and removal of DM devices, a local attacker could exploit this vulnerability to cause a denial of service.
CVSS Base Score: 4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/139759&gt; for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID:CVE-2017-18017
**DESCRIPTION:*Linux Kernel is vulnerable to a denial of service, caused by a use-after-free flaw in the tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c. By leveraging the presence of xt_TCPMSS in an iptables action, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base Score: 7.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/137122&gt; for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2017-17558
**DESCRIPTION:*Linux Kernel is vulnerable to a denial of service, caused by an out-of-bounds write in the usb_destroy_configuration function in drivers/usb/core/config.c in the USB core subsystem. By using a specially-crafted USB device, a local attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base Score: 6.2
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/136403&gt; for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2017-17449
**DESCRIPTION:*Linux Kernel could allow a local attacker to obtain sensitive information, caused by the failure to restrict observations of Netlink messages to a single net namespace when CONFIG_NLMON is enabled in the __netlink_deliver_tap_skb function in net/netlink/af_netlink.c. By leveraging the CAP_NET_ADMIN capability to sniff an nlmon interface for all Netlink activity on the system, an attacker could exploit this vulnerability to obtain sensitive information.
CVSS Base Score: 6.2
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/136106&gt; for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

CVEID:CVE-2017-15126
**DESCRIPTION:*Linux Kernel is vulnerable to a denial of service, caused by a use-after-free flaw in fs/userfaultfd.c. By sending a specially-crafted request, a remote attacker could exploit this vulnerability to cause fork event to be removed from an already freed list.
CVSS Base Score: 5.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/137626&gt; for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID:CVE-2017-15121
**DESCRIPTION:*Red Hat Enterprise Linux is vulnerable to a denial of service, caused by a flaw in the truncate_inode_pages_range(). A local authenticated attacker could exploit this vulnerability to cause the system to crash or mount a fuse filesystem.
CVSS Base Score: 5.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/136213&gt; for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2017-15116
**DESCRIPTION:*Linux Kernel is vulnerable to a denial of service, caused by NULL pointer dereference in the rngapi_reset function in crypto/rng.c. By sending a specially-crafted packet, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base Score: 5.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/135735&gt; for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID:CVE-2017-14140
**DESCRIPTION:*Linux Kernel could allow a local authenticated attacker to obtain sensitive information, caused by improper validation of effective uid of the target process in the move_pages system call in mm/migrate.c. By sending a specially-crafted request, a local attacker could exploit this vulnerability to learn the memory layout of a setuid executable despite ASLR.
CVSS Base Score: 5.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/131413&gt; for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)

CVEID:CVE-2016-3672
**DESCRIPTION:*Linux Kernel could allow a local attacker to bypass security restrictions, caused by an error in the Linux ASLR implementation. By setting the RLIMIT_STACK resource to unlimited, an attacker could exploit this vulnerability to disable the ASLR.
CVSS Base Score: 4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112055&gt; for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

CVEID:CVE-2017-13166
**DESCRIPTION:*Google Android could allow a remote attacker to gain elevated privileges on the system, caused by a flaw in kernel v4l2 video driver. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to gain elevated privileges.
CVSS Base Score: 7.8
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/136060&gt; for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

CVEID:CVE-2017-12190
**DESCRIPTION:*Linux Kernel is vulnerable to a denial of service, caused by an out-of-memory condition in the bio_map_user_iov and bio_unmap_user functions in block/bio.c. A local attacker could exploit this vulnerability to cause the system to crash.
CVSS Base Score: 4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/135759&gt; for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID:CVE-2017-12154
**DESCRIPTION:*Linux Kernel could allow a local authenticated attacker to bypass security restrictions, caused by a flaw in the prepare_vmcs02 function in arch/x86/kvm/vmx.c. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain read and write access to the hardware CR8 register.
CVSS Base Score: 7.1
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/132621&gt; for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N)

CVEID:CVE-2017-9725
**DESCRIPTION:*Google Android could allow a remote attacker to bypass security restrictions, caused by the wrong data type of size issue in Qualcomm Memory subsystem. By sending a specially-crafted request, an attacker could exploit this vulnerability to allow DMA allocation to succeed.
CVSS Base Score: 9.8
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/132422&gt; for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:CVE-2017-8824
**DESCRIPTION:*Linux Kernel could allow a local attacker to gain elevated privileges on the system, caused by a use-after-free in the dccp_disconnect function in net/dccp/proto.c. By using a specially-crafted system call, an attacker could exploit this vulnerability to gain privileges or cause a denial of service.
CVSS Base Score: 5.9
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/135913&gt; for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

CVEID:CVE-2017-7294
**DESCRIPTION:Linux Kernel is vulnerable to a denial of service, caused by an out-of-bounds write in the vmw_surface_define_ioctl function. A local attacker could exploit this vulnerability using a specially crafted ioctl call for a /dev/dri/renderD device to cause the system to hang or crash.
CVSS Base Score: 6.2
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/127410&gt; for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2016-8633
**DESCRIPTION:*Linux Kernel could allow a remote attacker to execute arbitrary code on the system, caused by an error in drivers/firewire/net.c. By sending specially-crafted fragmented packets. An attacker could exploit this vulnerability to execute arbitrary code on the system.
CVSS Base Score: 7.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/119632&gt; for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)

CVEID:CVE-2016-7913
**DESCRIPTION:*Linux Kernel could allow a local attacker to gain elevated privileges on the system, caused by an error in the xc2028_set_config function in drivers/media/tuners/tuner-xc2028.c. An attacker could exploit this vulnerability using attack vectors involving omission of the firmware name to gain privileges or cause a denial of service.
CVSS Base Score: 7.8
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/120052&gt; for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

CVEID:CVE-2017-17448
**DESCRIPTION:*Linux Kernel could allow a local attacker to bypass security restrictions, caused by the failure to require the CAP_NET_ADMIN capability for new, get, and del operations in net/netfilter/nfnetlink_cthelper.c. By sending a specially-crafted request, an attacker could exploit this vulnerability to bypass intended access restrictions.
CVSS Base Score: 6.2
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/136105&gt; for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N)

CVEID:CVE-2017-15265
**DESCRIPTION:*Linux Kernel could allow a local attacker to gain elevated privileges on the system, caused by a use-after-free memory error in the ALSA sequencer interface (/dev/snd/seq). By persuading a victim to open a specially-crafted application, an attacker could exploit this vulnerability to execute arbitrary code on the system with elevated privileges.
CVSS Base Score: 7.8
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/133342&gt; for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

CVEID:CVE-2017-15129
**DESCRIPTION:*Linux Kernel is vulnerable to a denial of service, caused by a use-after-free in the get_net_ns_by_id function in net/core/net_namespace.c. By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause the system to crash.
CVSS Base Score: 6.2
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/137388&gt; for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:CVE-2017-15127
**DESCRIPTION:*Linux Kernel is vulnerable to a denial of service, caused by a flaw in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c. By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause a denial of service condition.
CVSS Base Score: 4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/137627&gt; for the current score
CVSS Environmental Score: Undefined
CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

Affected Products and Versions

Affected Products Affected Versions
IBM QRadar Network Security 5.4.0

Remediation/Fixes

Product VRMF Remediation/First Fix
IBM QRadar Network Security Firmware version 5.4.0 Install Firmware 5.4.0.5 from the Available Updates page of the Local Management Interface, or by performing a One Time Scheduled Installation from SiteProtector.
Or
Download Firmware 5.4.0.5 from IBM Security License Key and Download Center and upload and install via the Available Updates page of the Local Management Interface.

Workarounds and Mitigations

None

CPENameOperatorVersion
ibm qradar network securityeq5.4.0

Related

nessus 77
redhat 8
oraclelinux 5
centos 2
ibm 5
openvas 17
fedora 4
mageia 3
osv 3
debian 3
virtuozzo 4
ubuntu 2
suse 40
redhatcve 6
debiancve 4
cve 3
veracode 5
prion 3
ubuntucve 3
f5 1
android 1
nessus
nessus
Scientific Linux Security Update : kernel on SL7.x x86_64 (20180410) (Meltdown)
2018-05-01 00:00:00
RHEL 7 : kernel-rt (RHSA-2018:0676)
2018-04-11 00:00:00
Oracle Linux 7 : kernel (ELSA-2018-1062)
2018-04-18 00:00:00
redhat
redhat
(RHSA-2018:0676) Important: kernel-rt security, bug fix, and enhancement update
2018-04-10 04:58:26
(RHSA-2018:1062) Important: kernel security, bug fix, and enhancement update
2018-04-10 08:33:10
(RHSA-2018:1170) Important: kernel-rt security and bug fix update
2018-04-17 14:55:13
oraclelinux
oraclelinux
kernel security, bug fix, and enhancement update
2018-04-16 00:00:00
Unbreakable Enterprise kernel security update
2018-05-15 00:00:00
kernel security and bug fix update
2018-05-08 00:00:00
centos
centos
kernel security update
2018-04-27 05:53:39
kernel, perf, python security update
2018-05-10 01:00:09
ibm
ibm
Security Bulletin: Vulnerabilities in Kernel affect Power Hardware Management Console
2021-09-22 23:05:38
Security Bulletin: Vulnerabilities in the Linux kernel affect PowerKVM
2018-07-06 23:49:08
Security Bulletin: Multiple Vulnerabilities in the Linux kernel affect the IBM FlashSystem models V840 and V9000
2019-11-11 15:20:37
openvas
openvas
Fedora Update for kernel FEDORA-2017-ba6b6e71f7
2017-12-20 00:00:00
Fedora Update for kernel FEDORA-2017-129969aa8a
2017-12-19 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2018-1054)
2020-01-23 00:00:00
fedora
fedora
[SECURITY] Fedora 26 Update: kernel-4.14.6-200.fc26
2017-12-19 21:39:12
[SECURITY] Fedora 27 Update: kernel-4.14.6-300.fc27
2017-12-18 18:52:26
[SECURITY] Fedora 26 Update: kernel-4.14.16-200.fc26
2018-02-02 16:58:52
mageia
mageia
Updated kernel-linus packages fix security vulnerabilities
2018-01-13 17:28:36
Updated kernel packages fix security vulnerabilities
2018-02-05 22:12:45
Updated kernel-tmb packages fix security vulnerabilities
2018-02-16 00:17:42
osv
osv
linux - security update
2018-01-09 00:00:00
linux - security update
2018-02-22 00:00:00
linux - security update
2017-12-23 00:00:00
debian
debian
[SECURITY] [DSA 4082-1] linux security update
2018-01-09 16:10:52
[SECURITY] [DSA 4082-1] linux security update
2018-01-09 16:10:52
[SECURITY] [DSA 4073-1] linux security update
2017-12-23 20:13:29
virtuozzo
virtuozzo
Important kernel security update: CVE-2017-8824 and other; Virtuozzo ReadyKernel patch 42.0 for Virtuozzo 7.0.0, 7.0.1, and 7.0.3
2018-01-12 00:00:00
Kernel security update: Virtuozzo ReadyKernel patch 49.0 for Virtuozzo 7.0.1, 7.0.3, 7.0.5, 7.0.6, and 7.0.6 HF3
2018-05-07 00:00:00
Kernel security update: Virtuozzo ReadyKernel patch 49.0 for Virtuozzo 7.0.7 and 7.0.7 HF2
2018-05-07 00:00:00
ubuntu
ubuntu
Linux kernel (Trusty HWE) vulnerabilities
2018-07-02 00:00:00
Linux kernel vulnerabilities
2018-07-02 00:00:00
suse
suse
Security update for the Linux Kernel (important)
2017-10-17 15:09:40
Security update for the Linux Kernel (important)
2017-10-17 15:15:08
Security update for the Linux Kernel (Live Patch 21 for SLE 12 SP1) (important)
2018-04-20 15:31:25
redhatcve
redhatcve
CVE-2017-15116
2017-11-30 13:49:43
CVE-2017-15121
2017-12-05 15:52:42
CVE-2017-14140
2017-09-05 07:48:37
debiancve
debiancve
CVE-2017-15116
2017-11-30 18:29:00
CVE-2017-15121
2017-12-07 02:29:00
CVE-2017-14140
2017-09-05 06:29:00
cve
cve
CVE-2017-15116
2017-11-30 18:29:00
CVE-2017-15121
2017-12-07 02:29:00
CVE-2017-1000252
2017-09-26 05:29:00
veracode
veracode
Arbitrary Code Execution
2019-05-16 02:50:39
Denial Of Service (DoS)
2019-05-16 02:50:23
Denial Of Service (DoS)
2019-05-16 02:50:23
prion
prion
Null pointer dereference
2017-11-30 18:29:00
Code injection
2017-12-07 02:29:00
Out-of-bounds
2017-09-26 05:29:00
ubuntucve
ubuntucve
CVE-2017-15116
2017-11-30 00:00:00
CVE-2017-15121
2017-12-07 00:00:00
CVE-2017-1000252
2017-09-26 00:00:00
f5
f5
K42142782 : Linux kernel vulnerability CVE-2017-15121
2018-07-18 00:00:00
android
android
CVE-2016-7913
2016-11-01 00:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

JSON
Related for 0C9BE2F3A245999460BB6BC497E21EC27992E79FB4C1D769E6D1CF729AB33300
nessus77redhat8oraclelinux5centos2ibm5openvas17fedora4mageia3osv3debian3virtuozzo4ubuntu2suse40redhatcve6debiancve4cve3veracode5prion3ubuntucve3f51android1