{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-02T09:21:34.193","vulnerabilities":[{"cve":{"id":"CVE-2017-15855","sourceIdentifier":"product-security@qualcomm.com","published":"2018-05-17T22:29:00.247","lastModified":"2024-11-21T03:15:20.703","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, the camera application triggers \"user-memory-access\" issue as the Camera CPP module Linux driver directly accesses the application provided buffer, which resides in user space. An unchecked userspace value (ioctl_ptr->len) is used to copy contents to a kernel buffer which can lead to kernel buffer overflow."},{"lang":"es","value":"En Qualcomm Android for MSM, Firefox OS for MSM, QRD Android, con todas las distribuciones de Android de CAF que utilizan el kernel de Linux, la aplicación de cámara desencadena un problema \"user-memory-access\" ya que el controlador de Linux del módulo CPP de la cámara accede al búfer proporcionado por la aplicación, e cual reside en userspace. Un valor userspace sin chequear (ioctl_ptr->len) se utiliza para copiar contenidos al búfer del kernel, lo que puede provocar un desbordamiento de búfer del kernel."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-119"},{"lang":"en","value":"CWE-129"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:google:android:-:*:*:*:*:*:*:*","matchCriteriaId":"F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26"}]}]}],"references":[{"url":"https://source.android.com/security/bulletin/pixel/2018-04-01","source":"product-security@qualcomm.com","tags":["Third Party Advisory"]},{"url":"https://www.codeaurora.org/security-bulletin/2018/03/29/march-2018-code-aurora-security-bulletin","source":"product-security@qualcomm.com","tags":["Patch","Third Party Advisory"]},{"url":"https://source.android.com/security/bulletin/pixel/2018-04-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.codeaurora.org/security-bulletin/2018/03/29/march-2018-code-aurora-security-bulletin","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]}]}}]}