Details of VAR-201803-1354

ID

VAR-201803-1354

CVE

CVE-2017-6282

TITLE

NVIDIA Tegra Vulnerability related to the condition that an arbitrary value can be written to an arbitrary location in the kernel driver

Trust: 0.8

sources: JVNDB: JVNDB-2017-012848

DESCRIPTION

NVIDIA Tegra kernel driver contains a vulnerability in NVMAP where an attacker has the ability to write an arbitrary value to an arbitrary location which may lead to an escalation of privileges. This issue is rated as high. NVIDIASHIELDTV is a game console device from NVIDIA. Tegrakerneldriver is one of the Tegra processor kernel drivers. NVMAP is one of the components. NVMAP of the Tegra kernel driver in NVIDIASHIELDTVSE6.2 and earlier has a security vulnerability

Trust: 2.25

sources: NVD: CVE-2017-6282 // JVNDB: JVNDB-2017-012848 // CNVD: CNVD-2018-05986 // VULHUB: VHN-114485

IOT TAXONOMY

category:

['Network device']

sub_category:

Trust: 0.6

sources: CNVD: CNVD-2018-05986

AFFECTED PRODUCTS

vendor:	google	model:	android	scope:	eq	version:	-	Trust: 1.6
vendor:	nvidia	model:	shield tv	scope:	lte	version:	6.2	Trust: 1.0
vendor:	google	model:	android	scope:	-	version:	-	Trust: 0.8
vendor:	nvidia	model:	shield tv	scope:	-	version:	-	Trust: 0.8
vendor:	nvidia	model:	tegra kernel driver	scope:	-	version:	-	Trust: 0.6

sources: CNVD: CNVD-2018-05986 // JVNDB: JVNDB-2017-012848 // CNNVD: CNNVD-201803-179 // NVD: CVE-2017-6282

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2017-6282
value:	HIGH
Trust: 1.0
NVD:	CVE-2017-6282
value:	HIGH
Trust: 0.8
CNVD:	CNVD-2018-05986
value:	HIGH
Trust: 0.6
CNNVD:	CNNVD-201803-179
value:	HIGH
Trust: 0.6
VULHUB:	VHN-114485
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2017-6282
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
CNVD:	CNVD-2018-05986
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.6
VULHUB:	VHN-114485
severity:	HIGH
baseScore:	7.2
vectorString:	AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	COMPLETE
integrityImpact:	COMPLETE
availabilityImpact:	COMPLETE
exploitabilityScore:	3.9
impactScore:	10.0
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2017-6282
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.0
Trust: 1.8

sources: CNVD: CNVD-2018-05986 // VULHUB: VHN-114485 // JVNDB: JVNDB-2017-012848 // CNNVD: CNNVD-201803-179 // NVD: CVE-2017-6282

PROBLEMTYPE DATA

problemtype:

CWE-123

Trust: 1.9

sources: VULHUB: VHN-114485 // JVNDB: JVNDB-2017-012848 // NVD: CVE-2017-6282

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201803-179

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201803-179

CONFIGURATIONS

sources: JVNDB: JVNDB-2017-012848

PATCH

title:	トップページ	url:	https://www.android.com/intl/ja_jp/phones/	Trust: 0.8
title:	Answer ID 4631	url:	http://nvidia.custhelp.com/app/answers/detail/a_id/4631	Trust: 0.8
title:	NVIDIASHIELDTVTegra kernel driver NVMAP privilege escalation vulnerability patch	url:	https://www.cnvd.org.cn/patchInfo/show/122735	Trust: 0.6
title:	NVIDIA SHIELD TV Tegra Kernel driver NVMAP Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=78940	Trust: 0.6

sources: CNVD: CNVD-2018-05986 // JVNDB: JVNDB-2017-012848 // CNNVD: CNNVD-201803-179

EXTERNAL IDS

db:	NVD	id:	CVE-2017-6282	Trust: 3.1
db:	JVNDB	id:	JVNDB-2017-012848	Trust: 0.8
db:	CNVD	id:	CNVD-2018-05986	Trust: 0.6
db:	CNNVD	id:	CNNVD-201803-179	Trust: 0.6
db:	VULHUB	id:	VHN-114485	Trust: 0.1

sources: CNVD: CNVD-2018-05986 // VULHUB: VHN-114485 // JVNDB: JVNDB-2017-012848 // CNNVD: CNNVD-201803-179 // NVD: CVE-2017-6282

REFERENCES

url:	http://nvidia.custhelp.com/app/answers/detail/a_id/4631	Trust: 2.3
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6282	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2017-6282	Trust: 0.8

sources: CNVD: CNVD-2018-05986 // VULHUB: VHN-114485 // JVNDB: JVNDB-2017-012848 // CNNVD: CNNVD-201803-179 // NVD: CVE-2017-6282

SOURCES

db:	CNVD	id:	CNVD-2018-05986
db:	VULHUB	id:	VHN-114485
db:	JVNDB	id:	JVNDB-2017-012848
db:	CNNVD	id:	CNNVD-201803-179
db:	NVD	id:	CVE-2017-6282

LAST UPDATE DATE

2024-11-23T22:34:19.377000+00:00

SOURCES UPDATE DATE

db:	CNVD	id:	CNVD-2018-05986	date:	2018-03-22T00:00:00
db:	VULHUB	id:	VHN-114485	date:	2018-03-27T00:00:00
db:	JVNDB	id:	JVNDB-2017-012848	date:	2018-04-24T00:00:00
db:	CNNVD	id:	CNNVD-201803-179	date:	2018-03-07T00:00:00
db:	NVD	id:	CVE-2017-6282	date:	2024-11-21T03:29:27.113

SOURCES RELEASE DATE

db:	CNVD	id:	CNVD-2018-05986	date:	2018-03-22T00:00:00
db:	VULHUB	id:	VHN-114485	date:	2018-03-06T00:00:00
db:	JVNDB	id:	JVNDB-2017-012848	date:	2018-04-24T00:00:00
db:	CNNVD	id:	CNNVD-201803-179	date:	2018-03-07T00:00:00
db:	NVD	id:	CVE-2017-6282	date:	2018-03-06T16:29:00.277