CVE-2014-9888 - Vulnerability Details

Vendors	Products
Google	Nexus 5 Nexus 7
Linux	Linux Kernel

Link	Providers
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0ea1ec713f04bdfac343c9702b21cd3a7c711826
http://source.android.com/security/bulletin/2016-08-01.html
http://www.securityfocus.com/bid/92219
https://github.com/torvalds/linux/commit/0ea1ec713f04bdfac343c9702b21cd3a7c711826
https://source.codeaurora.org/quic/la/kernel/msm/commit/?id=f044936caab337a4384fbfe64a4cbae33c7e22a1

Show plain JSON

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-08-01T00:00:00", "descriptions": [{"lang": "en", "value": "arch/arm/mm/dma-mapping.c in the Linux kernel before 3.13 on ARM platforms, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not prevent executable DMA mappings, which might allow local users to gain privileges via a crafted application, aka Android internal bug 28803642 and Qualcomm internal bug CR642735."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-11-25T19:57:01", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://source.android.com/security/bulletin/2016-08-01.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://github.com/torvalds/linux/commit/0ea1ec713f04bdfac343c9702b21cd3a7c711826"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0ea1ec713f04bdfac343c9702b21cd3a7c711826"}, {"name": "92219", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/92219"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://source.codeaurora.org/quic/la/kernel/msm/commit/?id=f044936caab337a4384fbfe64a4cbae33c7e22a1"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@android.com", "ID": "CVE-2014-9888", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "arch/arm/mm/dma-mapping.c in the Linux kernel before 3.13 on ARM platforms, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not prevent executable DMA mappings, which might allow local users to gain privileges via a crafted application, aka Android internal bug 28803642 and Qualcomm internal bug CR642735."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://source.android.com/security/bulletin/2016-08-01.html", "refsource": "CONFIRM", "url": "http://source.android.com/security/bulletin/2016-08-01.html"}, {"name": "https://github.com/torvalds/linux/commit/0ea1ec713f04bdfac343c9702b21cd3a7c711826", "refsource": "CONFIRM", "url": "https://github.com/torvalds/linux/commit/0ea1ec713f04bdfac343c9702b21cd3a7c711826"}, {"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0ea1ec713f04bdfac343c9702b21cd3a7c711826", "refsource": "CONFIRM", "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0ea1ec713f04bdfac343c9702b21cd3a7c711826"}, {"name": "92219", "refsource": "BID", "url": "http://www.securityfocus.com/bid/92219"}, {"name": "https://source.codeaurora.org/quic/la/kernel/msm/commit/?id=f044936caab337a4384fbfe64a4cbae33c7e22a1", "refsource": "CONFIRM", "url": "https://source.codeaurora.org/quic/la/kernel/msm/commit/?id=f044936caab337a4384fbfe64a4cbae33c7e22a1"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T14:02:36.640Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://source.android.com/security/bulletin/2016-08-01.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://github.com/torvalds/linux/commit/0ea1ec713f04bdfac343c9702b21cd3a7c711826"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0ea1ec713f04bdfac343c9702b21cd3a7c711826"}, {"name": "92219", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/92219"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://source.codeaurora.org/quic/la/kernel/msm/commit/?id=f044936caab337a4384fbfe64a4cbae33c7e22a1"}]}]}, "cveMetadata": {"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2014-9888", "datePublished": "2016-08-06T10:00:00", "dateReserved": "2016-06-24T00:00:00", "dateUpdated": "2024-08-06T14:02:36.640Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{

containers : { »

cna : { »

affected : [ »

0 : { »

product : n/a (string)

vendor : n/a (string)

versions : [ »

0 : { »

status : affected (string)

version : n/a (string)

}

]

}

]

datePublic : 2016-08-01T00:00:00 (string)

descriptions : [ »

0 : { »

lang : en (string)

value : arch/arm/mm/dma-mapping.c in the Linux kernel before 3.13 on ARM platforms, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not prevent executable DMA mappings, which might allow local users to gain privileges via a crafted application, aka Android internal bug 28803642 and Qualcomm internal bug CR642735. (string)

}

]

problemTypes : [ »

0 : { »

descriptions : [ »

0 : { »

description : n/a (string)

lang : en (string)

type : text (string)

}

]

}

]

providerMetadata : { »

dateUpdated : 2016-11-25T19:57:01 (string)

orgId : baff130e-b8d5-4e15-b3d3-c3cf5d5545c6 (string)

shortName : google_android (string)

}

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://source.android.com/security/bulletin/2016-08-01.html (string)

}

1 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://github.com/torvalds/linux/commit/0ea1ec713f04bdfac343c9702b21cd3a7c711826 (string)

}

2 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0ea1ec713f04bdfac343c9702b21cd3a7c711826 (string)

}

3 : { »

name : 92219 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

]

url : http://www.securityfocus.com/bid/92219 (string)

}

4 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

]

url : https://source.codeaurora.org/quic/la/kernel/msm/commit/?id=f044936caab337a4384fbfe64a4cbae33c7e22a1 (string)

}

]

x_legacyV4Record : { »

CVE_data_meta : { »

ASSIGNER : security@android.com (string)

ID : CVE-2014-9888 (string)

STATE : PUBLIC (string)

}

affects : { »

vendor : { »

vendor_data : [ »

0 : { »

product : { »

product_data : [ »

0 : { »

product_name : n/a (string)

version : { »

version_data : [ »

0 : { »

version_value : n/a (string)

}

]

}

]

}

vendor_name : n/a (string)

}

]

}

data_format : MITRE (string)

data_type : CVE (string)

data_version : 4.0 (string)

description : { »

description_data : [ »

0 : { »

lang : eng (string)

value : arch/arm/mm/dma-mapping.c in the Linux kernel before 3.13 on ARM platforms, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not prevent executable DMA mappings, which might allow local users to gain privileges via a crafted application, aka Android internal bug 28803642 and Qualcomm internal bug CR642735. (string)

}

]

}

problemtype : { »

problemtype_data : [ »

0 : { »

description : [ »

0 : { »

lang : eng (string)

value : n/a (string)

}

]

}

]

}

references : { »

reference_data : [ »

0 : { »

name : http://source.android.com/security/bulletin/2016-08-01.html (string)

refsource : CONFIRM (string)

url : http://source.android.com/security/bulletin/2016-08-01.html (string)

}

1 : { »

name : https://github.com/torvalds/linux/commit/0ea1ec713f04bdfac343c9702b21cd3a7c711826 (string)

refsource : CONFIRM (string)

url : https://github.com/torvalds/linux/commit/0ea1ec713f04bdfac343c9702b21cd3a7c711826 (string)

}

2 : { »

name : http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0ea1ec713f04bdfac343c9702b21cd3a7c711826 (string)

refsource : CONFIRM (string)

url : http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0ea1ec713f04bdfac343c9702b21cd3a7c711826 (string)

}

3 : { »

name : 92219 (string)

refsource : BID (string)

url : http://www.securityfocus.com/bid/92219 (string)

}

4 : { »

name : https://source.codeaurora.org/quic/la/kernel/msm/commit/?id=f044936caab337a4384fbfe64a4cbae33c7e22a1 (string)

refsource : CONFIRM (string)

url : https://source.codeaurora.org/quic/la/kernel/msm/commit/?id=f044936caab337a4384fbfe64a4cbae33c7e22a1 (string)

}

]

}

adp : [ »

0 : { »

providerMetadata : { »

orgId : af854a3a-2127-422b-91ae-364da2661108 (string)

shortName : CVE (string)

dateUpdated : 2024-08-06T14:02:36.640Z (string)

}

title : CVE Program Container (string)

references : [ »

0 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://source.android.com/security/bulletin/2016-08-01.html (string)

}

1 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://github.com/torvalds/linux/commit/0ea1ec713f04bdfac343c9702b21cd3a7c711826 (string)

}

2 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0ea1ec713f04bdfac343c9702b21cd3a7c711826 (string)

}

3 : { »

name : 92219 (string)

tags : [ »

0 : vdb-entry (string)

1 : x_refsource_BID (string)

2 : x_transferred (string)

]

url : http://www.securityfocus.com/bid/92219 (string)

}

4 : { »

tags : [ »

0 : x_refsource_CONFIRM (string)

1 : x_transferred (string)

]

url : https://source.codeaurora.org/quic/la/kernel/msm/commit/?id=f044936caab337a4384fbfe64a4cbae33c7e22a1 (string)

}

]

}

]

}

cveMetadata : { »

assignerOrgId : baff130e-b8d5-4e15-b3d3-c3cf5d5545c6 (string)

assignerShortName : google_android (string)

cveId : CVE-2014-9888 (string)

datePublished : 2016-08-06T10:00:00 (string)

dateReserved : 2016-06-24T00:00:00 (string)

dateUpdated : 2024-08-06T14:02:36.640Z (string)

state : PUBLISHED (string)

}

dataType : CVE_RECORD (string)

dataVersion : 5.1 (string)

}

Show plain JSON

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "9F95E1BD-CF7F-4FE7-A0A5-A342E6C36FB9", "versionEndIncluding": "3.12.9", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:google:nexus_5:-:*:*:*:*:*:*:*", "matchCriteriaId": "25DB8689-116F-49B5-91F5-BCBA8854BD42", "vulnerable": false}, {"criteria": "cpe:2.3:h:google:nexus_7:-:*:*:*:*:*:*:*", "matchCriteriaId": "12357E84-6FAE-4C6B-8FD3-BD5457DBBBCE", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "arch/arm/mm/dma-mapping.c in the Linux kernel before 3.13 on ARM platforms, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not prevent executable DMA mappings, which might allow local users to gain privileges via a crafted application, aka Android internal bug 28803642 and Qualcomm internal bug CR642735."}, {"lang": "es", "value": "arch/arm/mm/dma-mapping.c en el kernel de Linux en versiones anteriores 3.13 en las plataformas ARM, como se utiliza en Android en versiones anteriores a 2016-08-05 en dispositivos Nexus 5 y 7 (2013), no impide asignaciones DMA ejecutables, lo que permite a usuarios locales obtener privilegios a trav\u00e9s de una aplicacion manipulada, tambi\u00e9n conocido como error interno de Android 28803642 y error interno de Qualcomm CR642735."}], "id": "CVE-2014-9888", "lastModified": "2024-11-21T02:21:54.590", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-08-06T10:59:31.293", "references": [{"source": "security@android.com", "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0ea1ec713f04bdfac343c9702b21cd3a7c711826"}, {"source": "security@android.com", "tags": ["Mitigation", "Vendor Advisory"], "url": "http://source.android.com/security/bulletin/2016-08-01.html"}, {"source": "security@android.com", "url": "http://www.securityfocus.com/bid/92219"}, {"source": "security@android.com", "tags": ["Patch"], "url": "https://github.com/torvalds/linux/commit/0ea1ec713f04bdfac343c9702b21cd3a7c711826"}, {"source": "security@android.com", "url": "https://source.codeaurora.org/quic/la/kernel/msm/commit/?id=f044936caab337a4384fbfe64a4cbae33c7e22a1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0ea1ec713f04bdfac343c9702b21cd3a7c711826"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mitigation", "Vendor Advisory"], "url": "http://source.android.com/security/bulletin/2016-08-01.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/92219"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "https://github.com/torvalds/linux/commit/0ea1ec713f04bdfac343c9702b21cd3a7c711826"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://source.codeaurora.org/quic/la/kernel/msm/commit/?id=f044936caab337a4384fbfe64a4cbae33c7e22a1"}], "sourceIdentifier": "security@android.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-264"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{

configurations : [ »

0 : { »

nodes : [ »

0 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* (string)

matchCriteriaId : 9F95E1BD-CF7F-4FE7-A0A5-A342E6C36FB9 (string)

versionEndIncluding : 3.12.9 (string)

vulnerable : true (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

1 : { »

cpeMatch : [ »

0 : { »

criteria : cpe:2.3:h:google:nexus_5:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 25DB8689-116F-49B5-91F5-BCBA8854BD42 (string)

vulnerable : false (boolean)

}

1 : { »

criteria : cpe:2.3:h:google:nexus_7:-:*:*:*:*:*:*:* (string)

matchCriteriaId : 12357E84-6FAE-4C6B-8FD3-BD5457DBBBCE (string)

vulnerable : false (boolean)

}

]

negate : false (boolean)

operator : OR (string)

}

]

operator : AND (string)

}

]

descriptions : [ »

0 : { »

lang : en (string)

value : arch/arm/mm/dma-mapping.c in the Linux kernel before 3.13 on ARM platforms, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not prevent executable DMA mappings, which might allow local users to gain privileges via a crafted application, aka Android internal bug 28803642 and Qualcomm internal bug CR642735. (string)

}

1 : { »

lang : es (string)

value : arch/arm/mm/dma-mapping.c en el kernel de Linux en versiones anteriores 3.13 en las plataformas ARM, como se utiliza en Android en versiones anteriores a 2016-08-05 en dispositivos Nexus 5 y 7 (2013), no impide asignaciones DMA ejecutables, lo que permite a usuarios locales obtener privilegios a través de una aplicacion manipulada, también conocido como error interno de Android 28803642 y error interno de Qualcomm CR642735. (string)

}

]

id : CVE-2014-9888 (string)

lastModified : 2024-11-21T02:21:54.590 (string)

metrics : { »

cvssMetricV2 : [ »

0 : { »

acInsufInfo : true (boolean)

baseSeverity : HIGH (string)

cvssData : { »

accessComplexity : LOW (string)

accessVector : LOCAL (string)

authentication : NONE (string)

availabilityImpact : COMPLETE (string)

baseScore : 7.2 (number)

confidentialityImpact : COMPLETE (string)

integrityImpact : COMPLETE (string)

vectorString : AV:L/AC:L/Au:N/C:C/I:C/A:C (string)

version : 2.0 (string)

}

exploitabilityScore : 3.9 (number)

impactScore : 10 (number)

obtainAllPrivilege : false (boolean)

obtainOtherPrivilege : false (boolean)

obtainUserPrivilege : false (boolean)

source : nvd@nist.gov (string)

type : Primary (string)

userInteractionRequired : false (boolean)

}

]

cvssMetricV30 : [ »

0 : { »

cvssData : { »

attackComplexity : LOW (string)

attackVector : LOCAL (string)

availabilityImpact : HIGH (string)

baseScore : 7.8 (number)

baseSeverity : HIGH (string)

confidentialityImpact : HIGH (string)

integrityImpact : HIGH (string)

privilegesRequired : LOW (string)

scope : UNCHANGED (string)

userInteraction : NONE (string)

vectorString : CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (string)

version : 3.0 (string)

}

exploitabilityScore : 1.8 (number)

impactScore : 5.9 (number)

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

published : 2016-08-06T10:59:31.293 (string)

references : [ »

0 : { »

source : security@android.com (string)

url : http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0ea1ec713f04bdfac343c9702b21cd3a7c711826 (string)

}

1 : { »

source : security@android.com (string)

tags : [ »

0 : Mitigation (string)

1 : Vendor Advisory (string)

]

url : http://source.android.com/security/bulletin/2016-08-01.html (string)

}

2 : { »

source : security@android.com (string)

url : http://www.securityfocus.com/bid/92219 (string)

}

3 : { »

source : security@android.com (string)

tags : [ »

0 : Patch (string)

]

url : https://github.com/torvalds/linux/commit/0ea1ec713f04bdfac343c9702b21cd3a7c711826 (string)

}

4 : { »

source : security@android.com (string)

url : https://source.codeaurora.org/quic/la/kernel/msm/commit/?id=f044936caab337a4384fbfe64a4cbae33c7e22a1 (string)

}

5 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0ea1ec713f04bdfac343c9702b21cd3a7c711826 (string)

}

6 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Mitigation (string)

1 : Vendor Advisory (string)

]

url : http://source.android.com/security/bulletin/2016-08-01.html (string)

}

7 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : http://www.securityfocus.com/bid/92219 (string)

}

8 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

tags : [ »

0 : Patch (string)

]

url : https://github.com/torvalds/linux/commit/0ea1ec713f04bdfac343c9702b21cd3a7c711826 (string)

}

9 : { »

source : af854a3a-2127-422b-91ae-364da2661108 (string)

url : https://source.codeaurora.org/quic/la/kernel/msm/commit/?id=f044936caab337a4384fbfe64a4cbae33c7e22a1 (string)

}

]

sourceIdentifier : security@android.com (string)

vulnStatus : Modified (string)

weaknesses : [ »

0 : { »

description : [ »

0 : { »

lang : en (string)

value : CWE-264 (string)

}

]

source : nvd@nist.gov (string)

type : Primary (string)

}

]

}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object