Published: 04/04/2018 Updated: 08/05/2018

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 935

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 8.0, 8.1. Android ID: A-71389378.

Vulnerable Product	Search on Vulmon	Subscribe to Product
google android 8.0
google android 8.1

#include <utils/StrongPointerh> #include <binder/IServiceManagerh> #include <binder/MemoryHeapBaseh> #include <binder/MemoryBaseh> #include <binder/IMemoryh> #include <media/ICryptoh> #include <media/IMediaDrmServiceh> #include <media/hardware/CryptoAPIh> #include <stdioh> #include &lt ...

PoC code for CVE-2017-13253

CVE-2017-13253 PoC code for CVE-2017-13253 The full write-up is available here Note that the numbers are a little bit different from the blog post, as I've found that there's a higher chance for a crash with a heap of 0x2000 (of course if you run it enough times it should crash anyway) For questions/issues/comments you're welcome to contact me on Twitter (@tam

CWE-787 https://source.android.com/security/bulletin/2018-03-01 https://www.exploit-db.com/exploits/44291/http://www.securityfocus.com/bid/103255 https://nvd.nist.gov https://github.com/tamirzb/CVE-2017-13253 https://www.exploit-db.com/exploits/44291/

CVE-2017-13253

Vulnerability Summary

Vulnerability Trend

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect