QwikSec

Security Database

CVE

CWE

Training

CVE-2017-0553

Published: Apr 7, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

An elevation of privilege vulnerability in libnl could enable a local malicious application to execute arbitrary code within the context of the Wi-Fi service. This issue is rated as Moderate because it first requires compromising a privileged process and is mitigated by current platform configurations. Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-32342065. NOTE: this issue also exists in the upstream libnl before 3.3.0 library.

Vendor	Product	Versions
Google Inc.	Android	affected `Android-5.0.2` affected `Android-5.1.1` affected `Android-6.0` affected `Android-6.0.1` affected `Android-7.0` +1 more versions

References

http://git.infradead.org/users/tgr/libnl.git/commit/3e18948f17148e6a3c4255bdeaaf01ef6081ceeb

x_refsource_CONFIRM

FEDORA-2017-34f6e70fdd

vendor-advisory

x_refsource_FEDORA

https://source.android.com/security/bulletin/2017-04-01

x_refsource_CONFIRM

[libnl] 20170503 ANN: libnl 3.3.0 released

mailing-list

x_refsource_MLIST

vendor-advisory

x_refsource_REDHAT

vdb-entry

x_refsource_BID

vendor-advisory

x_refsource_UBUNTU

FEDORA-2017-7a5363b41d

vendor-advisory

x_refsource_FEDORA

vendor-advisory

x_refsource_UBUNTU

vdb-entry

x_refsource_SECTRACK

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.