CVE-2017-13304

Publication date 4 April 2018

Last updated 25 August 2025

Ubuntu priority

Medium

Why this priority?

Cvss 3 Severity Score

5.3 · Medium

Score breakdown

Description

A information disclosure vulnerability in the Upstream kernel mnh_sm driver. Product: Android. Versions: Android kernel. Android ID: A-70576999.

Read the notes from the security team

Status

Package Ubuntu Release Status
linux 17.10 artful
Not affected
16.04 LTS xenial
Not affected
14.04 LTS trusty
Not affected
linux-azure 17.10 artful Not in release
16.04 LTS xenial
Not affected
14.04 LTS trusty
Not affected
linux-gcp 17.10 artful Not in release
16.04 LTS xenial
Not affected
14.04 LTS trusty Not in release
linux-gke 17.10 artful Not in release
16.04 LTS xenial
Not affected
14.04 LTS trusty Not in release
linux-goldfish 17.10 artful Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-grouper 17.10 artful Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-hwe 17.10 artful Not in release
16.04 LTS xenial
Not affected
14.04 LTS trusty Not in release
linux-hwe-edge 17.10 artful Not in release
16.04 LTS xenial
Not affected
14.04 LTS trusty Not in release
linux-kvm 17.10 artful Not in release
16.04 LTS xenial
Not affected
14.04 LTS trusty Not in release
linux-lts-trusty 17.10 artful Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-lts-utopic 17.10 artful Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-lts-vivid 17.10 artful Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-lts-wily 17.10 artful Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-lts-xenial 17.10 artful Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty
Not affected
linux-maguro 17.10 artful Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-mako 17.10 artful Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-manta 17.10 artful Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-raspi2 17.10 artful
Not affected
16.04 LTS xenial
Not affected
14.04 LTS trusty Not in release
linux-snapdragon 17.10 artful
Not affected
16.04 LTS xenial
Not affected
14.04 LTS trusty Not in release
linux-flo 17.10 artful Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-aws 17.10 artful Not in release
16.04 LTS xenial
Not affected
14.04 LTS trusty
Not affected
linux-euclid 17.10 artful Not in release
16.04 LTS xenial Not in release
14.04 LTS trusty Not in release
linux-oem 17.10 artful Not in release
16.04 LTS xenial
Not affected
14.04 LTS trusty Not in release

Notes

sbeattie

affected android specific driver only, mnh/mnh-mipi.c does not affect aquarius E4.5 or E5 kernels either

Severity score breakdown

Parameter Value
Base score 5.3 · Medium
Attack vector Network
Attack complexity Low
Privileges required None
User interaction None
Scope Unchanged
Confidentiality Low
Integrity impact None
Availability impact None
Vector CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

References

Other references