Main Vulnerability Database Vulnerabilities #VU39703

Information disclosure in Linux kernel - CVE-2017-0448

Published: February 8, 2017 / Updated: August 8, 2020

Vulnerability identifier: #VU39703

CSH Severity: Medium

CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green

CVE-ID: CVE-2017-0448

CWE-ID: CWE-200

Exploitation vector: Remote access

Exploit availability: No public exploit available

Vendor: Linux Foundation

Affected software:
Linux kernel

Detailed vulnerability description

The vulnerability allows a remote non-authenticated attacker to gain access to sensitive information.

An information disclosure vulnerability in the NVIDIA video driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product: Android. Versions: Kernel-3.10. Android ID: A-32721029. References: N-CVE-2017-0448.

How to mitigate CVE-2017-0448

Install update from vendor's website.

Information disclosure in Linux kernel - CVE-2017-0448

Detailed vulnerability description

How to mitigate CVE-2017-0448

Sources

Please verify you're human