How severe is CVE-2017-17176?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 6.7 out of 10.

What type of vulnerability is CVE-2017-17176?

This is classified as CWE-787, which is a common weakness in software security.

CVE-2017-17176

MEDIUM Year: 2017

CVSS v3 Score

6.7

Medium

CVSS v2 Score

7.2

High

Weakness Type

CWE-787

View all →

Vulnerability Description

The hardware security module of Mate 9 and Mate 9 Pro Huawei smart phones with the versions earlier before MHA-AL00BC00B156, versions earlier before MHA-CL00BC00B156, versions earlier before MHA-DL00BC00B156, versions earlier before MHA-TL00BC00B156, versions earlier before LON-AL00BC00B156, versions earlier before LON-CL00BC00B156, versions earlier before LON-DL00BC00B156, versions earlier before LON-TL00BC00B156 has a arbitrary memory read/write vulnerability due to the input parameters validation. An attacker with the root privilege of the Android system could exploit this vulnerability to read and write memory data anywhere or execute arbitrary code in the TrustZone.

CVE-2017-18551

MEDIUM

CVSS:6.7(Medium)

An issue was discovered in drivers/i2c/i2c-core-smbus.c in the Linux kernel before 4.14.15. There is an out of bounds write in the function i2c_smbus_xfer_emulated.

CWE-7872017

CVE-2017-18846

MEDIUM

CVSS:6.7(Medium)

Certain NETGEAR devices are affected by a stack-based buffer overflow. This affects R6250 before 1.0.4.12, R6400v2 before 1.0.2.32, R7000P/R6900P before 1.0.0.56, R7900 before 1.0.1.18, R8300 before 1...

CWE-7872017

CVE-2018-3632

MEDIUM

CVSS:6.7(Medium)

Memory corruption in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 6.x / 7.x / 8.x / 9.x / 10.x / 11.0 / 11.5 / 11.6 / 11.7 / 11.10 / 11.20 could be trig...

CWE-7872018

CVE-2018-9368

MEDIUM

CVSS:6.7(Medium)

In mtkscoaudio debugfs there is a possible arbitrary kernel memory write due to missing bounds check and weakened SELinux policies. This could lead to local escalation of privilege with system executi...

CWE-7872018

CVE-2018-9386

MEDIUM

CVSS:6.7(Medium)

In reboot_block_command of htc reboot_block driver, there is a possible stack buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution priv...

CWE-7872018

CVE-2018-9391

MEDIUM

CVSS:6.7(Medium)

In update_gps_sv and output_vzw_debug of vendor/mediatek/proprietary/hardware/connectivity/gps/gps_hal/src/gpshal_wor ker.c, there is a possible out of bounds write due to a missing bounds check. This...

CWE-7872018

CVE-2017-17176

Vulnerability Description

Related Vulnerabilities

CVE-2017-18551

CVE-2017-18846

CVE-2018-3632

CVE-2018-9368

CVE-2018-9386

CVE-2018-9391