CVE-2018-6246

5.3MEDIUM

Key Information:

Vendor: Nvidia
Status: Android
Vendor: CVE Published:; 7 May 2018

Summary

In Android before the 2018-05-05 security patch level, NVIDIA Widevine Trustlet contains a vulnerability in Widevine TA where the software reads data past the end, or before the beginning, of the intended buffer, which may lead to Information Disclosure. This issue is rated as moderate. Android: A-69383916. Reference: N-CVE-2018-6246.

Affected Version(s)

Android NA

References

https://source.android.com/security/bulletin/pixel/2018-0...

x_refsource_CONFIRM

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
May 7, 2018
Vulnerability Reserved
Jan 25, 2018