CVE-2017-6276

HIGH

Google Android - Use After Free

Title source: rule
STIX 2.1

Description

NVIDIA mediaserver contains a vulnerability where it is possible a use after free malfunction can occur due to an incorrect bounds check which could enable unauthorized code execution and possibly lead to elevation of privileges. This issue is rated as high. Product: Android. Version: N/A. Android: A-63802421. References: N-CVE-2017-6276.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/102106
Vendor Advisory x_refsource_confirm
https://source.android.com/security/bulletin/2017-12-01

Scores

CVSS v3 7.8
EPSS 0.0019
EPSS Percentile 8.7%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-416
Status published
Products (2)
google/android
Nvidia Corporation/Android
Published Dec 06, 2017
Tracked Since Feb 18, 2026