Elevation of Privilege Vulnerability in NVIDIA Libnvparser for Android
CVE-2017-0340

7.8HIGH

Key Information:

Vendor: Nvidia
Status: Android
Vendor: CVE Published:; 7 July 2017

Summary

An elevation of privilege vulnerability exists in the NVIDIA Libnvparser component, which arises from improper handling of a memcpy operation that allows user-controlled size input to overwrite memory boundaries. This flaw could lead to memory corruption, potentially enabling local attackers to execute arbitrary code and escalate privileges within an affected Android environment. It is crucial for users and developers to be aware of this vulnerability and implement appropriate patches to mitigate risks associated with unauthorized access.

Affected Version(s)

Android NA

References

https://source.android.com/security/bulletin/2017-07-01

x_refsource_CONFIRM

http://www.securityfocus.com/bid/99477

vdb-entryx_refsource_BID

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jul 7, 2017
Vulnerability Reserved
Nov 23, 2016