CVE-2014-9908 - OpenCVE

A Denial of Service vulnerability exists in Google Android 4.4.4, 5.0.2, and 5.1.1, which allows malicious users to block Bluetooh access (Android Bug ID A-28672558).

No CVSS v4.0

Attack Vector Adjacent Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Adjacent Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:A/AC:L/Au:N/C:N/I:N/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Google	Android

Configuration 1 [-]

OR	cpe:2.3:o:google:android:4.4:::::::*
	cpe:2.3:o:google:android:5.0.2:::::::*
	cpe:2.3:o:google:android:5.1.1:::::::*

No data.

References

Link	Providers
http://www.securityfocus.com/bid/94167
https://github.com/Genymobile/f2ut_platform_frameworks_base/commit/f24cec326f5f65c693544fb0b92c37f633bacda2
https://source.android.com/security/bulletin/2016-11-01.html
https://vuldb.com/?id.93449

History

No history.

MITRE

Status: PUBLISHED

Assigner: google_android

Published: 2020-01-08T14:46:14

Updated: 2024-08-06T14:02:38.208Z

Reserved: 2016-10-03T00:00:00

Link: CVE-2014-9908

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2020-01-08T15:15:11.103

Modified: 2020-01-13T21:01:20.453

Link: CVE-2014-9908

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Android", "vendor": "Google", "versions": [{"status": "affected", "version": "4.4.4"}, {"status": "affected", "version": "5.0.2"}, {"status": "affected", "version": "5.1.1"}, {"status": "affected", "version": "n/a"}]}], "datePublic": "2014-05-05T00:00:00", "descriptions": [{"lang": "en", "value": "A Denial of Service vulnerability exists in Google Android 4.4.4, 5.0.2, and 5.1.1, which allows malicious users to block Bluetooh access (Android Bug ID A-28672558)."}], "problemTypes": [{"descriptions": [{"description": "denial of service", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-01-08T14:46:14", "orgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "shortName": "google_android"}, "references": [{"tags": ["x_refsource_MISC"], "url": "http://www.securityfocus.com/bid/94167"}, {"tags": ["x_refsource_MISC"], "url": "https://source.android.com/security/bulletin/2016-11-01.html"}, {"tags": ["x_refsource_MISC"], "url": "https://vuldb.com/?id.93449"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/Genymobile/f2ut_platform_frameworks_base/commit/f24cec326f5f65c693544fb0b92c37f633bacda2"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@android.com", "ID": "CVE-2014-9908", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Android", "version": {"version_data": [{"version_value": "4.4.4"}, {"version_value": "5.0.2"}, {"version_value": "5.1.1"}, {"version_value": "n/a"}]}}]}, "vendor_name": "Google"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A Denial of Service vulnerability exists in Google Android 4.4.4, 5.0.2, and 5.1.1, which allows malicious users to block Bluetooh access (Android Bug ID A-28672558)."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "denial of service"}]}]}, "references": {"reference_data": [{"name": "http://www.securityfocus.com/bid/94167", "refsource": "MISC", "url": "http://www.securityfocus.com/bid/94167"}, {"name": "https://source.android.com/security/bulletin/2016-11-01.html", "refsource": "MISC", "url": "https://source.android.com/security/bulletin/2016-11-01.html"}, {"name": "https://vuldb.com/?id.93449", "refsource": "MISC", "url": "https://vuldb.com/?id.93449"}, {"name": "https://github.com/Genymobile/f2ut_platform_frameworks_base/commit/f24cec326f5f65c693544fb0b92c37f633bacda2", "refsource": "MISC", "url": "https://github.com/Genymobile/f2ut_platform_frameworks_base/commit/f24cec326f5f65c693544fb0b92c37f633bacda2"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T14:02:38.208Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://www.securityfocus.com/bid/94167"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://source.android.com/security/bulletin/2016-11-01.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://vuldb.com/?id.93449"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/Genymobile/f2ut_platform_frameworks_base/commit/f24cec326f5f65c693544fb0b92c37f633bacda2"}]}]}, "cveMetadata": {"assignerOrgId": "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6", "assignerShortName": "google_android", "cveId": "CVE-2014-9908", "datePublished": "2020-01-08T14:46:14", "dateReserved": "2016-10-03T00:00:00", "dateUpdated": "2024-08-06T14:02:38.208Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:google:android:4.4:*:*:*:*:*:*:*", "matchCriteriaId": "98C32982-095C-4628-9958-118A3D3A9CAA", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:5.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "E9915371-C730-41F7-B86E-7E4DE0DF5385", "vulnerable": true}, {"criteria": "cpe:2.3:o:google:android:5.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "B1D94CDD-DE7B-444E-A3AE-AE9C9A779374", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A Denial of Service vulnerability exists in Google Android 4.4.4, 5.0.2, and 5.1.1, which allows malicious users to block Bluetooh access (Android Bug ID A-28672558)."}, {"lang": "es", "value": "Existe una vulnerabilidad de denegaci\u00f3n de servicio en Google Android versiones 4.4.4, 5.0.2 y 5.1.1, lo que permite a usuarios maliciosos bloquear el acceso a Bluetooh (ID de Bug de Android A-28672558)."}], "id": "CVE-2014-9908", "lastModified": "2020-01-13T21:01:20.453", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 3.3, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 6.5, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-01-08T15:15:11.103", "references": [{"source": "security@android.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/94167"}, {"source": "security@android.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/Genymobile/f2ut_platform_frameworks_base/commit/f24cec326f5f65c693544fb0b92c37f633bacda2"}, {"source": "security@android.com", "tags": ["Third Party Advisory"], "url": "https://source.android.com/security/bulletin/2016-11-01.html"}, {"source": "security@android.com", "tags": ["Third Party Advisory"], "url": "https://vuldb.com/?id.93449"}], "sourceIdentifier": "security@android.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}