CVE-2017-13179 : In the ihevcd_allocate_static_bufs and ihevcd

In the ihevcd_allocate_static_bufs and ihevcd_create functions of SoftHEVC, there is a possible out-of-bounds write due to a use after free. Both ps_codec_obj and ps_create_op->s_ivd_create_op_t.pv_handle point to the same memory and ps_codec_obj could be freed without clearing ps_create_op->s_ivd_create_op_t.pv_handle. This could lead to remote code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-66969193.

Published 2018-01-12 23:29:00

Updated 2018-02-02 14:49:04

Source Android (associated with Google Inc. or Open Handset Alliance)

View at NVD, CVE.org

Vulnerability category: Memory CorruptionExecute code

Products affected by CVE-2017-13179

Google » Android » Version: 6.0.1
cpe:2.3:o:google:android:6.0.1:*:*:*:*:*:*:*
Matching versions
Google » Android » Version: 7.0
cpe:2.3:o:google:android:7.0:*:*:*:*:*:*:*
Matching versions
Google » Android » Version: 7.1.2
cpe:2.3:o:google:android:7.1.2:*:*:*:*:*:*:*
Matching versions
Google » Android » Version: 7.1.1
cpe:2.3:o:google:android:7.1.1:*:*:*:*:*:*:*
Matching versions
Google » Android » Version: 8.0
cpe:2.3:o:google:android:8.0:*:*:*:*:*:*:*
Matching versions
Google » Android » Version: 8.1
cpe:2.3:o:google:android:8.1:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2017-13179

EPSS FAQ

4.25%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 88 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2017-13179

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete
9.8	CRITICAL	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	3.9	5.9	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2017-13179

CWE-416 Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

Assigned by: nvd@nist.gov (Primary)
CWE-787 Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2017-13179

http://www.securityfocus.com/bid/102414

Google Android Media Framework Component Multiple Security Vulnerabilities
Third Party Advisory;VDB Entry

CVEs referencing this url
http://www.securitytracker.com/id/1040106

Google Android Bugs Let Remote Users Obtain Sensitive Information, Deny Service, and Execute Arbitrary Code - SecurityTracker
Third Party Advisory;VDB Entry

CVEs referencing this url
https://source.android.com/security/bulletin/2018-01-01

Android Security Bulletin—January 2018 | Android Open Source Project
Patch;Vendor Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2017-13179

Products affected by CVE-2017-13179

Exploit prediction scoring system (EPSS) score for CVE-2017-13179

CVSS scores for CVE-2017-13179

CWE ids for CVE-2017-13179

References for CVE-2017-13179