CVE-2017-13238

State: PUBLISHED · Published: 2018-02-12 · Updated: 2024-09-16 · Assigner: google_android

Description

In XBLRamDump mode, there is a debug feature that can be used to dump memory contents, if an attacker has physical access to the device. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-64610940.

CWE

(none)

Affected

Google Inc. / Android — v=Android kernel [affected]

CVSS

(none)

References

http://www.securityfocus.com/bid/103024 vdb-entry, x_refsource_BID
https://source.android.com/security/bulletin/2018-02-01 x_refsource_CONFIRM

Source

cvelistV5-main/cves/2017/13xxx/CVE-2017-13238.json