Google Android 11.0 iptables out-of-bounds write

entryeditHistoryDiffjsonxmlCTI

A vulnerability was found in Google Android 11.0 (Smartphone Operating System) and classified as critical. Affected by this issue is an unknown code block of the component iptables. Applying a patch is able to eliminate this problem.

Field09/19/2020 08:44 AM09/19/2020 08:49 AM
vendorGoogleGoogle
nameAndroidAndroid
version11.011.0
componentiptablesiptables
risk22
cvss2_vuldb_basescore3.53.5
cvss2_vuldb_tempscore3.03.0
cvss2_vuldb_avLL
cvss2_vuldb_acHH
cvss2_vuldb_auSS
cvss2_vuldb_ciPP
cvss2_vuldb_iiPP
cvss2_vuldb_aiPP
cvss3_meta_basescore5.65.6
cvss3_meta_tempscore5.35.3
cvss3_vuldb_basescore4.54.5
cvss3_vuldb_tempscore4.34.3
cvss3_vuldb_avLL
cvss3_vuldb_acHH
cvss3_vuldb_prLL
cvss3_vuldb_uiNN
cvss3_vuldb_sUU
cvss3_vuldb_cLL
cvss3_vuldb_iLL
cvss3_vuldb_aLL
date1600387200 (09/18/2020)1600387200 (09/18/2020)
urlhttps://source.android.com/security/bulletin/android-11https://source.android.com/security/bulletin/android-11
price_0day$25k-$100k$25k-$100k
price_trend++
namePatchPatch
cveCVE-2020-0347CVE-2020-0347
seealso161398 161399 161402 161403 161404 161405 161406 161407 161408 161410 161411 161412 161413 161414 161415 161416 161417 161418 161419 161420 161421 161422 161423 161424 161425 161426 161427 161428 161429 161430161398 161399 161402 161403 161404 161405 161406 161407 161408 161410 161411 161412 161413 161414 161415 161416 161417 161418 161419 161420 161421 161422 161423 161424 161425 161426 161427 161428 161429 161430
locationWebsiteWebsite
cvss2_vuldb_eNDND
cvss2_vuldb_rlOFOF
cvss2_vuldb_rcNDND
cvss3_vuldb_eXX
cvss3_vuldb_rlOO
cvss3_vuldb_rcXX
cvss3_nvd_basescore6.76.7
typeSmartphone Operating System
cwe0787 (memory corruption)
cvss2_nvd_avL
cvss2_nvd_acL
cvss2_nvd_auN
cvss2_nvd_ciP
cvss2_nvd_iiP
cvss2_nvd_aiP
cvss3_nvd_avL
cvss3_nvd_acL
cvss3_nvd_prH
cvss3_nvd_uiN
cvss3_nvd_sU
cvss3_nvd_cH
cvss3_nvd_iH
cvss3_nvd_aH
cve_assigned1571270400
cve_nvd_summaryIn iptables, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-136658008

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!