{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-02T04:45:26.059","vulnerabilities":[{"cve":{"id":"CVE-2017-11093","sourceIdentifier":"product-security@qualcomm.com","published":"2017-11-16T22:29:01.407","lastModified":"2026-05-13T00:24:29.033","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, buffer Over-read in Display due to the lack of an upper-bound validation when reading \"num_of_cea_blocks\" from the untrusted source (EDID), kernel memory can be exposed."},{"lang":"es","value":"En Android para MSM, Firefox OS para MSM, QRD Android, con todas las distribuciones de Android de CAF que utilizan el kernel de Linux, existe una sobrelectura de búfer en Display debido a la falta de una validación de los límites superiores a la hora de leer \"num_of_cea_blocks\" del origen no fiable (EDID), por lo que la memoria del kernel se puede ver expuesta."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:N/C:P/I:N/A:N","baseScore":5.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":10.0,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-125"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*","matchCriteriaId":"F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"}]}]}],"references":[{"url":"https://source.android.com/security/bulletin/pixel/2017-11-01","source":"product-security@qualcomm.com","tags":["Patch","Vendor Advisory"]},{"url":"https://source.android.com/security/bulletin/pixel/2017-11-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]}]}}]}