CVE-2017-8244 - OpenCVE

In core_info_read and inst_info_read in all Android releases from CAF using the Linux kernel, variable "dbg_buf", "dbg_buf->curr" and "dbg_buf->filled_size" could be modified by different threads at the same time, but they are not protected with mutex or locks. Buffer overflow is possible on race conditions. "buffer->curr" itself could also be overwritten, which means that it may point to anywhere of kernel memory (for write).

No CVSS v4.0

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:M/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Google	Android

Configuration 1 [-]

cpe:2.3:o:google:android:-:*:*:*:*:*:*:*

No data.

References

Link	Providers
http://www.securityfocus.com/bid/98547
https://source.android.com/security/bulletin/pixel/2017-12-01
https://www.codeaurora.org/buffer-overflow-msmvidc-debugfs-driver-coreinforead-and-instinforead-cve-2017-8244

History

No history.

MITRE

Status: PUBLISHED

Assigner: qualcomm

Published: 2017-05-12T20:00:00

Updated: 2024-08-05T16:27:22.879Z

Reserved: 2017-04-25T00:00:00

Link: CVE-2017-8244

Vulnrichment

No data.

NVD

Status : Analyzed

Published: 2017-05-12T20:29:00.313

Modified: 2020-11-09T14:27:19.047

Link: CVE-2017-8244

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "Android for MSM, Firefox OS for MSM, QRD Android", "vendor": "Qualcomm, Inc.", "versions": [{"status": "affected", "version": "All Android releases from CAF using the Linux kernel"}]}], "datePublic": "2017-05-01T00:00:00", "descriptions": [{"lang": "en", "value": "In core_info_read and inst_info_read in all Android releases from CAF using the Linux kernel, variable \"dbg_buf\", \"dbg_buf->curr\" and \"dbg_buf->filled_size\" could be modified by different threads at the same time, but they are not protected with mutex or locks. Buffer overflow is possible on race conditions. \"buffer->curr\" itself could also be overwritten, which means that it may point to anywhere of kernel memory (for write)."}], "problemTypes": [{"descriptions": [{"description": "Buffer overflow in msm_vidc debugfs driver core_info_read and inst_info_read (CVE-2017-8244)", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-12-05T19:57:01", "orgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "shortName": "qualcomm"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.codeaurora.org/buffer-overflow-msmvidc-debugfs-driver-coreinforead-and-instinforead-cve-2017-8244"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://source.android.com/security/bulletin/pixel/2017-12-01"}, {"name": "98547", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/98547"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "product-security@qualcomm.com", "ID": "CVE-2017-8244", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Android for MSM, Firefox OS for MSM, QRD Android", "version": {"version_data": [{"version_value": "All Android releases from CAF using the Linux kernel"}]}}]}, "vendor_name": "Qualcomm, Inc."}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In core_info_read and inst_info_read in all Android releases from CAF using the Linux kernel, variable \"dbg_buf\", \"dbg_buf->curr\" and \"dbg_buf->filled_size\" could be modified by different threads at the same time, but they are not protected with mutex or locks. Buffer overflow is possible on race conditions. \"buffer->curr\" itself could also be overwritten, which means that it may point to anywhere of kernel memory (for write)."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Buffer overflow in msm_vidc debugfs driver core_info_read and inst_info_read (CVE-2017-8244)"}]}]}, "references": {"reference_data": [{"name": "https://www.codeaurora.org/buffer-overflow-msmvidc-debugfs-driver-coreinforead-and-instinforead-cve-2017-8244", "refsource": "CONFIRM", "url": "https://www.codeaurora.org/buffer-overflow-msmvidc-debugfs-driver-coreinforead-and-instinforead-cve-2017-8244"}, {"name": "https://source.android.com/security/bulletin/pixel/2017-12-01", "refsource": "CONFIRM", "url": "https://source.android.com/security/bulletin/pixel/2017-12-01"}, {"name": "98547", "refsource": "BID", "url": "http://www.securityfocus.com/bid/98547"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T16:27:22.879Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://www.codeaurora.org/buffer-overflow-msmvidc-debugfs-driver-coreinforead-and-instinforead-cve-2017-8244"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://source.android.com/security/bulletin/pixel/2017-12-01"}, {"name": "98547", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/98547"}]}]}, "cveMetadata": {"assignerOrgId": "2cfc7d3e-20d3-47ac-8db7-1b7285aff15f", "assignerShortName": "qualcomm", "cveId": "CVE-2017-8244", "datePublished": "2017-05-12T20:00:00", "dateReserved": "2017-04-25T00:00:00", "dateUpdated": "2024-08-05T16:27:22.879Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*", "matchCriteriaId": "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In core_info_read and inst_info_read in all Android releases from CAF using the Linux kernel, variable \"dbg_buf\", \"dbg_buf->curr\" and \"dbg_buf->filled_size\" could be modified by different threads at the same time, but they are not protected with mutex or locks. Buffer overflow is possible on race conditions. \"buffer->curr\" itself could also be overwritten, which means that it may point to anywhere of kernel memory (for write)."}, {"lang": "es", "value": "En la funci\u00f3n core_info_read e inst_info_read en todas las versiones de Android de CAF usando el kernel de Linux, las variables \"dbg_buf\", \"dbg_buf-)curr\" y \"dbg_buf-)filled_size\" pueden ser modificadas por diferentes hilos al mismo tiempo, pero no est\u00e1n protegidos con mutex o locks. Un desbordamiento de b\u00fafer es posible sobre condiciones de carrera. \"buffer-)curr\" en s\u00ed tambi\u00e9n podr\u00eda ser sobrescrita, lo que quiere decir que puede apuntar a cualquier parte de la memoria del kernel (para escritura)."}], "id": "CVE-2017-8244", "lastModified": "2020-11-09T14:27:19.047", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 6.9, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.0, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.0, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-05-12T20:29:00.313", "references": [{"source": "product-security@qualcomm.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/98547"}, {"source": "product-security@qualcomm.com", "tags": ["Vendor Advisory"], "url": "https://source.android.com/security/bulletin/pixel/2017-12-01"}, {"source": "product-security@qualcomm.com", "tags": ["Broken Link"], "url": "https://www.codeaurora.org/buffer-overflow-msmvidc-debugfs-driver-coreinforead-and-instinforead-cve-2017-8244"}], "sourceIdentifier": "product-security@qualcomm.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-362"}], "source": "nvd@nist.gov", "type": "Primary"}]}