Elevation of Privilege Vulnerability in NVIDIA I2C HID Driver for Android
CVE-2017-0325

7HIGH

Key Information:

Vendor: Nvidia
Status: Android
Vendor: CVE Published:; 5 April 2017

What is CVE-2017-0325?

The NVIDIA I2C HID driver contains an elevation of privilege vulnerability that could allow a local malicious application to execute arbitrary code at the kernel level. This vulnerability arises from the need for an attacker to first compromise a privileged process, enabling them to exploit this weakness effectively. It primarily affects specific versions of the Android kernel (3.10 and 3.18), posing a threat to the security integrity of the system.

Affected Version(s)

Android Kernel-3.10, Kernel-3.18

References

http://www.securityfocus.com/bid/97350

vdb-entryx_refsource_BID

http://nvidia.custhelp.com/app/answers/detail/a_id/4561

x_refsource_CONFIRM

https://source.android.com/security/bulletin/2017-04-01.html

x_refsource_CONFIRM

CVSS V3.1

Score:

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 5, 2017
Vulnerability Reserved
Nov 23, 2016

Nvidia

What is CVE-2017-0325?

Affected Version(s)

References

CVSS V3.1

Timeline