Published: 12/01/2017 Updated: 20/01/2017

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 935

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

An elevation of privilege vulnerability in Wi-Fi could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0. Android ID: A-31856351.

Vulnerable Product	Search on Vulmon	Subscribe to Product
google android 5.0.1
google android 5.0.2
google android 5.1.1
google android 6.0
google android 5.0
google android 6.0.1
google android 7.0
google android 5.1
google android 5.1.0

Source: bugschromiumorg/p/project-zero/issues/detail?id=958 The following code in frameworks/opt/net/wifi/service/jni/com_android_server_wifi_WifiNativecpp doesn't validate the parameter paramsnum_bssid, and then copies that number of elements into a stack-allocated wifi_bssid_hotlist_params structure I don't think this can be reached ...

CWE-264 https://source.android.com/security/bulletin/2016-12-01.html http://www.securityfocus.com/bid/94701 https://www.exploit-db.com/exploits/40945/https://bugs.chromium.org/p/project-zero/issues/detail?id=958 https://nvd.nist.gov https://www.exploit-db.com/exploits/40945/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2016-6772

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect