Elevation of Privilege Vulnerability in Pixel Thermal Driver by Google
CVE-2017-6274

9.8CRITICAL

Key Information:

Vendor: Nvidia
Status: Pixel
Vendor: CVE Published:; 14 November 2017

What is CVE-2017-6274?

An elevation of privilege vulnerability exists in the thermal driver of Google's Pixel devices. Due to missing bounds checks, this flaw can lead to out-of-bounds write operations in the kernel, which may allow an attacker to gain elevated permissions, potentially compromising device integrity and user data. It's crucial for users to remain vigilant and apply available patches to safeguard against this vulnerability.

Affected Version(s)

Pixel NA

References

https://source.android.com/security/bulletin/pixel/2017-1...

x_refsource_CONFIRM

https://nvidia.custhelp.com/app/answers/detail/a_id/4787

x_refsource_CONFIRM

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 14, 2017
Vulnerability Reserved
Feb 23, 2017

Nvidia

What is CVE-2017-6274?

Affected Version(s)

References

CVSS V3.1

Timeline