Vulnerability Description
Access to CNTVCT_EL0 in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear could be used for side channel attacks and this could lead to local information disclosure with no additional execution privileges needed in FSM9055, IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, QCA4531, QCA9980, QCN5502, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Android | - |
Related Weaknesses (CWE)
References
- http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
- http://www.securityfocus.com/bid/102390Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1040106Third Party AdvisoryVDB Entry
- https://source.android.com/security/bulletin/2018-01-01Vendor Advisory
- https://www.codeaurora.org/security-bulletin/2018/06/04/june-2018-code-aurora-se
- http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
- http://www.securityfocus.com/bid/102390Third Party AdvisoryVDB Entry
- http://www.securitytracker.com/id/1040106Third Party AdvisoryVDB Entry
- https://source.android.com/security/bulletin/2018-01-01Vendor Advisory
- https://www.codeaurora.org/security-bulletin/2018/06/04/june-2018-code-aurora-se
FAQ
What is CVE-2017-13218?
CVE-2017-13218 is a vulnerability with a CVSS score of 4.7 (MEDIUM). Access to CNTVCT_EL0 in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear could be used for side channel attacks and this could lead to local information disclosure with no ...
How severe is CVE-2017-13218?
CVE-2017-13218 has been rated MEDIUM with a CVSS base score of 4.7/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-13218?
Check the references section above for vendor advisories and patch information. Affected products include: Google Android.