Vulnerability Description
In all Qualcomm products with Android releases from CAF using the Linux kernel, in an ISP Camera kernel driver function, an incorrect bounds check may potentially lead to an out-of-bounds write.
CVSS Score
7.8
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Android | <= 8.0 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/100658Third Party AdvisoryVDB Entry
- https://source.android.com/security/bulletin/2017-09-01Vendor Advisory
- http://www.securityfocus.com/bid/100658Third Party AdvisoryVDB Entry
- https://source.android.com/security/bulletin/2017-09-01Vendor Advisory
FAQ
What is CVE-2017-11000?
CVE-2017-11000 is a vulnerability with a CVSS score of 7.8 (HIGH). In all Qualcomm products with Android releases from CAF using the Linux kernel, in an ISP Camera kernel driver function, an incorrect bounds check may potentially lead to an out-of-bounds write.
How severe is CVE-2017-11000?
CVE-2017-11000 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-11000?
Check the references section above for vendor advisories and patch information. Affected products include: Google Android.