{"id":"CVE-2017-0520","details":"An elevation of privilege vulnerability in the Qualcomm crypto engine driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31750232. References: QC-CR#1082636.","modified":"2026-03-14T14:24:15.987721Z","published":"2017-03-08T01:59:02.580Z","references":[{"type":"WEB","url":"http://www.securityfocus.com/bid/96804"},{"type":"WEB","url":"http://www.securitytracker.com/id/1037968"},{"type":"WEB","url":"https://source.android.com/security/bulletin/2017-03-01"},{"type":"ADVISORY","url":"https://source.android.com/security/bulletin/2017-03-01.html"},{"type":"FIX","url":"https://source.codeaurora.org/quic/la/kernel/msm-3.18/commit/?id=eb2aad752c43f57e88ab9b0c3c5ee7b976ee31dd"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-0520.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"3.10"}]},{"events":[{"introduced":"0"},{"last_affected":"3.18"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}