CVE-2017-13184

by Fred · 12/01/2018

In the enableVSyncInjections function of SurfaceFlinger, there is a possible use after free of mVSyncInjector. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 8.0, 8.1. Android ID: A-65483324.

Date published : 2018-01-12

http://www.securityfocus.com/bid/102414

https://source.android.com/security/bulletin/2018-01-01

CVE-2017-13184

Similar

Recent Posts

Categories

CVE-2017-13184

Share this:

Similar

Recent Posts

Categories

Tags