Logic Error in PhoneInterfaceManager Causes Emergency Services Access Issues
CVE-2017-13322
10CRITICAL
Summary
A vulnerability in the PhoneInterfaceManager component of the Android operating system allows for a logic error that potentially prevents users from accessing emergency services. This local denial of service arises from the flawed handling of the endCallForSubscriber function within the PhoneInterfaceManager.java file. Exploitation does not require elevated privileges or user interaction, making it a concerning issue for affected devices. Proper remediation and updates are essential to restore normal functionality for users needing emergency assistance.
Affected Version(s)
Android Android Kernel
References
CVSS V4
Score:
10
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None
Timeline
Vulnerability published