In CProgramConfig_ReadHeightExt of tpdec_asc.cpp, there is a possible stack buffer overflow due to a missing bounds check. This could lead to a remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-70637599.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://source.android.com/security/bulletin/2018-04-01 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: google_android
Published: 2018-04-04T16:00:00Z
Updated: 2024-09-16T23:36:40.692Z
Reserved: 2017-08-23T00:00:00
Link: CVE-2017-13276
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2018-04-04T16:29:00.417
Modified: 2018-05-09T13:58:26.063
Link: CVE-2017-13276
Redhat
No data.