var-201703-0843
Vulnerability from variot
An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-32124445. References: B-RB#110688. HuaweiSmartPhoneP9 is a smartphone from China's Huawei company. WifiDriver is its wireless network card driver. A local buffer overflow vulnerability exists in previous versions of HuaweiSmartPhoneP9EVA-AL10C00B352. This leads to a denial of service condition. The attacker can induce the user to install a malicious application, so that the application can use the vulnerability to send specific parameters to the mobile phone, resulting in system restart or user privilege escalation. Huawei Smart Phone P9 is prone to a local buffer-overflow vulnerability. Versions prior to Huawei P9 EVA-AL10C00B352 is vulnerable. This vulnerability also affects Google Android devices and is tracked by Android Bug ID A-32124445
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201703-0843", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "android", "scope": "eq", "trust": 1.2, "vendor": "google", "version": "7.1.1" }, { "model": "android", "scope": "lte", "trust": 1.0, "vendor": "google", "version": "7.1.1" }, { "model": "android", "scope": null, "trust": 0.8, "vendor": "google", "version": null }, { "model": "smart phone p9 \u003ceva-al10c00b352", "scope": null, "trust": 0.6, "vendor": "huawei", "version": null }, { "model": "p9 \u003ceva-al10c00b352", "scope": null, "trust": 0.6, "vendor": "huawei", "version": null }, { "model": "android", "scope": "eq", "trust": 0.6, "vendor": "google", "version": "7.1.0" }, { "model": "p9 eva-al10c00b195", "scope": null, "trust": 0.3, "vendor": "huawei", "version": null }, { "model": "p9 eva-al10c00b193", "scope": null, "trust": 0.3, "vendor": "huawei", "version": null }, { "model": "p9 eva-al10c00b192", "scope": null, "trust": 0.3, "vendor": "huawei", "version": null }, { "model": "p9 eva-al10c00b190", "scope": null, "trust": 0.3, "vendor": "huawei", "version": null }, { "model": "p9 eva-al10c00", "scope": null, "trust": 0.3, "vendor": "huawei", "version": null }, { "model": "p9 eva-al00c00b352", "scope": null, "trust": 0.3, "vendor": "huawei", "version": null }, { "model": "p9 eva-al10c00b352", "scope": "ne", "trust": 0.3, "vendor": "huawei", "version": null } ], "sources": [ { "db": "CNVD", "id": "CNVD-2016-12998" }, { "db": "CNVD", "id": "CNVD-2016-12340" }, { "db": "BID", "id": "94943" }, { "db": "BID", "id": "96797" }, { "db": "JVNDB", "id": "JVNDB-2017-002030" }, { "db": "NVD", "id": "CVE-2017-0509" }, { "db": "CNNVD", "id": "CNNVD-201702-613" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "7.1.1", "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2017-0509" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Gengjia Chen (@chengjia4574) and pjf of IceSword Lab,Gengjia Chen from Icesword Lab of Qihoo 360 Technology Co. Ltd., Qihoo 360 Technology Co. Ltd.", "sources": [ { "db": "CNNVD", "id": "CNNVD-201702-613" } ], "trust": 0.6 }, "cve": "CVE-2017-0509", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2017-0509", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 3.9, "id": "CNVD-2016-12998", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "author": "CNVD", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 3.9, "id": "CNVD-2016-12340", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.6, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "LOCAL", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "exploitabilityScore": 1.8, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Local", "author": "NVD", "availabilityImpact": "High", "baseScore": 7.8, "baseSeverity": "High", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2017-0509", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "Required", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2017-0509", "trust": 1.8, "value": "HIGH" }, { "author": "CNVD", "id": "CNVD-2016-12998", "trust": 0.6, "value": "HIGH" }, { "author": "CNVD", "id": "CNVD-2016-12340", "trust": 0.6, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201702-613", "trust": 0.6, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2017-0509", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "CNVD", "id": "CNVD-2016-12998" }, { "db": "CNVD", "id": "CNVD-2016-12340" }, { "db": "VULMON", "id": "CVE-2017-0509" }, { "db": "JVNDB", "id": "JVNDB-2017-002030" }, { "db": "NVD", "id": "CVE-2017-0509" }, { "db": "CNNVD", "id": "CNNVD-201702-613" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-32124445. References: B-RB#110688. HuaweiSmartPhoneP9 is a smartphone from China\u0027s Huawei company. WifiDriver is its wireless network card driver. A local buffer overflow vulnerability exists in previous versions of HuaweiSmartPhoneP9EVA-AL10C00B352. This leads to a denial of service condition. The attacker can induce the user to install a malicious application, so that the application can use the vulnerability to send specific parameters to the mobile phone, resulting in system restart or user privilege escalation. Huawei Smart Phone P9 is prone to a local buffer-overflow vulnerability. \nVersions prior to Huawei P9 EVA-AL10C00B352 is vulnerable. \nThis vulnerability also affects Google Android devices and is tracked by Android Bug ID A-32124445", "sources": [ { "db": "NVD", "id": "CVE-2017-0509" }, { "db": "JVNDB", "id": "JVNDB-2017-002030" }, { "db": "CNVD", "id": "CNVD-2016-12998" }, { "db": "CNVD", "id": "CNVD-2016-12340" }, { "db": "BID", "id": "94943" }, { "db": "BID", "id": "96797" }, { "db": "VULMON", "id": "CVE-2017-0509" } ], "trust": 3.33 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2017-0509", "trust": 3.7 }, { "db": "BID", "id": "94943", "trust": 2.6 }, { "db": "BID", "id": "96797", "trust": 2.0 }, { "db": "SECTRACK", "id": "1037968", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2017-002030", "trust": 0.8 }, { "db": "CNVD", "id": "CNVD-2016-12998", "trust": 0.6 }, { "db": "CNVD", "id": "CNVD-2016-12340", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-201702-613", "trust": 0.6 }, { "db": "VULMON", "id": "CVE-2017-0509", "trust": 0.1 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2016-12998" }, { "db": "CNVD", "id": "CNVD-2016-12340" }, { "db": "VULMON", "id": "CVE-2017-0509" }, { "db": "BID", "id": "94943" }, { "db": "BID", "id": "96797" }, { "db": "JVNDB", "id": "JVNDB-2017-002030" }, { "db": "NVD", "id": "CVE-2017-0509" }, { "db": "CNNVD", "id": "CNNVD-201702-613" } ] }, "id": "VAR-201703-0843", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "CNVD", "id": "CNVD-2016-12998" }, { "db": "CNVD", "id": "CNVD-2016-12340" } ], "trust": 1.9924196699999999 }, "iot_taxonomy": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "category": [ "Network device" ], "sub_category": null, "trust": 1.2 } ], "sources": [ { "db": "CNVD", "id": "CNVD-2016-12998" }, { "db": "CNVD", "id": "CNVD-2016-12340" } ] }, "last_update_date": "2023-12-18T11:38:01.288000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "Android Security Bulletin-March 2017", "trust": 0.8, "url": "https://source.android.com/security/bulletin/2017-03-01.html" }, { "title": "HuaweiSmartPhoneP9Wi-FIDriver Local Buffer Overflow Vulnerability Patch", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/86617" }, { "title": "HuaweiP9 mobile Wi-Fi driver has a buffer overflow vulnerability patch", "trust": 0.6, "url": "https://www.cnvd.org.cn/patchinfo/show/85908" }, { "title": "Android Broadcom Wi-Fi Fixes for driver permission and access control vulnerabilities", "trust": 0.6, "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=68202" }, { "title": "Android Security Bulletins: Android Security Bulletin\u2014March 2017", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=android_security_bulletins\u0026qid=65d776aaa82a91341631d2aa61736067" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2016-12998" }, { "db": "CNVD", "id": "CNVD-2016-12340" }, { "db": "VULMON", "id": "CVE-2017-0509" }, { "db": "JVNDB", "id": "JVNDB-2017-002030" }, { "db": "CNNVD", "id": "CNNVD-201702-613" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "NVD-CWE-noinfo", "trust": 1.0 }, { "problemtype": "CWE-264", "trust": 0.8 } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2017-002030" }, { "db": "NVD", "id": "CVE-2017-0509" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 3.0, "url": "http://www.securityfocus.com/bid/94943" }, { "trust": 2.9, "url": "http://www.securityfocus.com/bid/96797" }, { "trust": 2.4, "url": "https://source.android.com/security/bulletin/2017-03-01.html" }, { "trust": 1.7, "url": "http://www.securitytracker.com/id/1037968" }, { "trust": 1.1, "url": "https://source.android.com/security/bulletin/2017-03-01" }, { "trust": 0.9, "url": "http://code.google.com/android/" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-0509" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2017-0509" }, { "trust": 0.6, "url": "http://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20161214-02-smartphone-cn" }, { "trust": 0.3, "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161214-02-smartphone-en" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/.html" }, { "trust": 0.1, "url": "https://nvd.nist.gov" } ], "sources": [ { "db": "CNVD", "id": "CNVD-2016-12998" }, { "db": "CNVD", "id": "CNVD-2016-12340" }, { "db": "VULMON", "id": "CVE-2017-0509" }, { "db": "BID", "id": "94943" }, { "db": "BID", "id": "96797" }, { "db": "JVNDB", "id": "JVNDB-2017-002030" }, { "db": "NVD", "id": "CVE-2017-0509" }, { "db": "CNNVD", "id": "CNNVD-201702-613" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "CNVD", "id": "CNVD-2016-12998" }, { "db": "CNVD", "id": "CNVD-2016-12340" }, { "db": "VULMON", "id": "CVE-2017-0509" }, { "db": "BID", "id": "94943" }, { "db": "BID", "id": "96797" }, { "db": "JVNDB", "id": "JVNDB-2017-002030" }, { "db": "NVD", "id": "CVE-2017-0509" }, { "db": "CNNVD", "id": "CNNVD-201702-613" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2016-12-26T00:00:00", "db": "CNVD", "id": "CNVD-2016-12998" }, { "date": "2016-12-15T00:00:00", "db": "CNVD", "id": "CNVD-2016-12340" }, { "date": "2017-03-08T00:00:00", "db": "VULMON", "id": "CVE-2017-0509" }, { "date": "2016-12-14T00:00:00", "db": "BID", "id": "94943" }, { "date": "2017-03-06T00:00:00", "db": "BID", "id": "96797" }, { "date": "2017-03-27T00:00:00", "db": "JVNDB", "id": "JVNDB-2017-002030" }, { "date": "2017-03-08T01:59:02.407000", "db": "NVD", "id": "CVE-2017-0509" }, { "date": "2017-02-20T00:00:00", "db": "CNNVD", "id": "CNNVD-201702-613" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2016-12-26T00:00:00", "db": "CNVD", "id": "CNVD-2016-12998" }, { "date": "2016-12-15T00:00:00", "db": "CNVD", "id": "CNVD-2016-12340" }, { "date": "2019-10-03T00:00:00", "db": "VULMON", "id": "CVE-2017-0509" }, { "date": "2019-05-30T16:00:00", "db": "BID", "id": "94943" }, { "date": "2019-05-30T16:00:00", "db": "BID", "id": "96797" }, { "date": "2017-03-27T00:00:00", "db": "JVNDB", "id": "JVNDB-2017-002030" }, { "date": "2019-10-03T00:03:26.223000", "db": "NVD", "id": "CVE-2017-0509" }, { "date": "2019-10-23T00:00:00", "db": "CNNVD", "id": "CNNVD-201702-613" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "local", "sources": [ { "db": "BID", "id": "94943" }, { "db": "CNNVD", "id": "CNNVD-201702-613" } ], "trust": 0.9 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Broadcom Wi-Fi Vulnerability that could elevate privileges in drivers", "sources": [ { "db": "JVNDB", "id": "JVNDB-2017-002030" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "permissions and access control issues", "sources": [ { "db": "CNNVD", "id": "CNNVD-201702-613" } ], "trust": 0.6 } }
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.