CVE-2017-0806

Published: Oct 4, 2017Modified: May 13, 2026

7.8

Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

An elevation of privilege vulnerability in the Android framework (gatekeeperresponse). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-62998805.

Affected (7)

Products: Google: Android

1 product

Configuration A

7 vulnerable

Vulnerable Software	Affected Versions
Google Android	Version 6.0.1
Google Android	Version 6.0
Google Android	Version 7.0
Google Android	Version 7.1.0
Google Android	Version 7.1.1
Google Android	Version 7.1.2
Google Android	Version 8.0

Related CWEs

Deserialization of Untrusted Data

The product deserializes untrusted data without sufficiently verifying that the resulting data will be valid.

References (6)

http://www.securityfocus.com/bid/101086

Source: security@android.com

Third Party AdvisoryVDB Entry

https://android.googlesource.com/platform/frameworks/base/+/b87c968e5a41a1a09166199bf54eee12608f3900

Source: security@android.com

Issue TrackingPatchVendor Advisory

https://source.android.com/security/bulletin/2017-10-01

Source: security@android.com

PatchVendor Advisory

http://www.securityfocus.com/bid/101086

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://android.googlesource.com/platform/frameworks/base/+/b87c968e5a41a1a09166199bf54eee12608f3900

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingPatchVendor Advisory

https://source.android.com/security/bulletin/2017-10-01

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.