We found results for “”
CVE-2020-0404
Good to know:
Date: September 17, 2020
In uvc_scan_chain_forward of uvc_driver.c, there is a possible linked list corruption due to an unusual root cause. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-111893654References: Upstream kernel
Language: C
Severity Score
Related Resources (9)
Severity Score
Weakness Type (CWE)
Improper Privilege Management
CWE-269Top Fix
Upgrade Version
Upgrade to version v4.4.214,v4.9.214,v4.14.171,v4.19.103,v5.4.19,v5.5.3,v5.6-rc1
CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | LOCAL |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | LOW |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | NONE |
Integrity (I): | NONE |
Availability (A): | HIGH |
CVSS v2
Base Score: |
|
---|---|
Access Vector (AV): | LOCAL |
Access Complexity (AC): | LOW |
Authentication (AU): | NONE |
Confidentiality (C): | NONE |
Integrity (I): | NONE |
Availability (A): | COMPLETE |
Additional information: |