Integer Underflow (Wrap or Wraparound)
CVE-2017-7367
Summary
In all Android releases from CAF using the Linux kernel, an integer underflow vulnerability exists while processing the boot image.
- LOW
- LOCAL
- HIGH
- UNCHANGED
- REQUIRED
- NONE
- HIGH
- HIGH
CWE-191 - Integer Underflow (Wrap or Wraparound)
The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result.
References
Advisory Timeline
- Published