CVE-2017-0604

HIGH Year: 2017
CVSS v3 Score
7.8
High
CVSS v2 Score
9.3
Critical
Weakness Type
CWE-670
View all →

Vulnerability Description

An elevation of privilege vulnerability in the kernel Qualcomm power driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: N/A. Android ID: A-35392981. References: QC-CR#826589.

Related Vulnerabilities

CVE-2020-25603

HIGH
CVSS:7.8(High)

An issue was discovered in Xen through 4.14.x. There are missing memory barriers when accessing/allocating an event channel. Event channels control structures can be accessed lockless as long as the p...

CWE-6702020

CVE-2023-20915

HIGH
CVSS:7.8(High)

In addOrReplacePhoneAccount of PhoneAccountRegistrar.java, there is a possible way to enable a phone account without user interaction due to a logic error in the code. This could lead to local escalat...

CWE-6702023

CVE-2024-47745

HIGH
CVSS:7.8(High)

In the Linux kernel, the following vulnerability has been resolved: mm: call the security_mmap_file() LSM hook in remap_file_pages() The remap_file_pages syscall handler calls do_mmap() directly, whic...

CWE-6702024

CVE-2014-2686

HIGH
CVSS:7.5(High)

Ansible prior to 1.5.4 mishandles the evaluation of some strings.

CWE-6702014

CVE-2019-11412

HIGH
CVSS:7.5(High)

An issue was discovered in Artifex MuJS 1.0.5. jscompile.c can cause a denial of service (invalid stack-frame jump) because it lacks an ENDTRY opcode call.

CWE-6702019

CVE-2019-19324

HIGH
CVSS:7.5(High)

Xmidt cjwt through 1.0.1 before 2019-11-25 maps unsupported algorithms to alg=none, which sometimes leads to untrusted accidental JWT acceptance.

CWE-6702019