CVE-2017-9679

{"id": "CVE-2017-9679", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 3.9}]}, "published": "2017-08-18T19:29:00.327", "references": [{"url": "http://www.securityfocus.com/bid/100210", "tags": ["Third Party Advisory", "VDB Entry"], "source": "product-security@qualcomm.com"}, {"url": "https://source.android.com/security/bulletin/2017-06-01", "tags": ["Vendor Advisory"], "source": "product-security@qualcomm.com"}, {"url": "https://source.android.com/security/bulletin/2017-08-01", "tags": ["Vendor Advisory"], "source": "nvd@nist.gov"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "In all Qualcomm products with Android releases from CAF using the Linux kernel, if a userspace string is not NULL-terminated, kernel memory contents can leak to system logs."}, {"lang": "es", "value": "En todos los productos Qualcomm con distribuciones Android desde CAF empleando el kernel Linux, si una cadena del espacio de usuario no se finaliza en nulo, el contenido de la memoria kernel podr\u00eda filtrarse a los registros del sistema."}], "lastModified": "2017-08-22T01:24:58.697", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8255F035-04C8-4158-B301-82101711939C"}], "operator": "OR"}]}], "sourceIdentifier": "product-security@qualcomm.com"}