CVE-2018-6267 Information

Description

NVIDIA Tegra OpenMax driver (libnvomx) contains a vulnerability in which the software does not validate or incorrectly validates input that can affect the control flow or data flow of a program which may lead to denial of service or escalation of privileges. Android ID: A-70857947.

CVSS Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Reference

http://www.securityfocus.com/bid/106846 https://nvidia.custhelp.com/app/answers/detail/a_id/4787 https://nvidia.custhelp.com/app/answers/detail/a_id/4804 https://nvidia.custhelp.com/app/answers/detail/a_id/4910 https://source.android.com/security/bulletin/2019-02-01

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

REQUIRED

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

7.8