Vulnerability Description
The msm_bus_dbg_update_request_write function in drivers/platform/msm/msm_bus/msm_bus_dbg.c in android_kernel_huawei_msm8916 through 2017-06-16 in LineageOS, and possibly other kernels for MSM devices, allows attackers to cause a denial of service (NULL pointer dereference and device crash) via a crafted /sys/kernel/debug/msm-bus-dbg/client-data/update-request write request.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Lineageos | Lineageos | <= 2017-06-16 |
Related Weaknesses (CWE)
References
- http://blog.secret-team.cn/index.php/archives/5/Third Party Advisory
- http://www.securityfocus.com/bid/99107Third Party AdvisoryVDB Entry
- http://blog.secret-team.cn/index.php/archives/5/Third Party Advisory
- http://www.securityfocus.com/bid/99107Third Party AdvisoryVDB Entry
FAQ
What is CVE-2017-6899?
CVE-2017-6899 is a vulnerability with a CVSS score of 6.2 (MEDIUM). The msm_bus_dbg_update_request_write function in drivers/platform/msm/msm_bus/msm_bus_dbg.c in android_kernel_huawei_msm8916 through 2017-06-16 in LineageOS, and possibly other kernels for MSM devices...
How severe is CVE-2017-6899?
CVE-2017-6899 has been rated MEDIUM with a CVSS base score of 6.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2017-6899?
Check the references section above for vendor advisories and patch information. Affected products include: Lineageos Lineageos.