Logic Error in PhoneInterfaceManager Causes Emergency Services Access Issues
CVE-2017-13322

10CRITICAL

Key Information:

Vendor
Google
Status
Vendor
CVE Published:
17 January 2025

Summary

A vulnerability in the PhoneInterfaceManager component of the Android operating system allows for a logic error that potentially prevents users from accessing emergency services. This local denial of service arises from the flawed handling of the endCallForSubscriber function within the PhoneInterfaceManager.java file. Exploitation does not require elevated privileges or user interaction, making it a concerning issue for affected devices. Proper remediation and updates are essential to restore normal functionality for users needing emergency assistance.

Affected Version(s)

Android Android Kernel

References

CVSS V4

Score:
10
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

.