CVE-2017-5538 Information

Description

The kbase_dispatch function in arm/t7xx/r5p0/mali_kbase_core_linux.c in the GPU driver on Samsung devices with M(6.0) and N(7.0) software and Exynos AP chipsets allows attackers to have unspecified impact via unknown vectors which trigger an out-of-bounds read aka SVE-2016-6362.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Reference

http://security.samsungmobile.com/smrupdate.htmlSMR-JAN-2017 http://www.openwall.com/lists/oss-security/2017/01/19/3 http://www.openwall.com/lists/oss-security/2017/01/20/2 http://www.securityfocus.com/bid/95674

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

9.8