7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
11.7%
An elevation of privilege vulnerability in the kernel file system. Product:
Android. Versions: Android kernel. Android ID A-31269937.
Author | Note |
---|---|
sbeattie | /proc/net/fib_trie leaks interface IP addresses plenty of other leaks of ip addrs exist in /proc/net/ likely not a general kernel issue S_IRUGO /proc entry added in 19baf839ff4a8daa1f2a7400897094fc18e4f5e9 net/ipv4/fib_trie.c::fib_proc_init() |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 23.10 | noarch | linux-riscv | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 18.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux | < any | UNKNOWN |
ubuntu | 23.10 | noarch | linux | < any | UNKNOWN |
ubuntu | 22.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 18.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 23.10 | noarch | linux-aws | < any | UNKNOWN |
ubuntu | 20.04 | noarch | linux-azure | < any | UNKNOWN |
github.com/aosp-mirror/platform_system_core/commit/15ffc53f6d57a46e3041453865311035a18e047a
launchpad.net/bugs/cve/CVE-2017-13165
nvd.nist.gov/vuln/detail/CVE-2017-13165
security-tracker.debian.org/tracker/CVE-2017-13165
source.android.com/security/bulletin/pixel/2017-12-01
www.cve.org/CVERecord?id=CVE-2017-13165
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
4.6 Medium
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:P/I:P/A:P
0.0004 Low
EPSS
Percentile
11.7%