587 matches found
CVE-2017-13211
In btascanresultscbimpl of btifblescanner.cc, there is possible resource exhaustion if a large number of repeated BLE scan results are received. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not neede...
CVE-2017-13210
In CameraDeviceClient::submitRequestList of CameraDeviceClient.cpp, there is an out-of-bounds write if metadataSize is too small. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is n...
Design/Logic Flaw
In the enableVSyncInjections function of SurfaceFlinger, there is a possible use after free of mVSyncInjector. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for...
CVE-2017-0855
In MPEG4Extractor.cpp, there are several places where functions return early without cleaning up internal buffers which could lead to memory leaks. This could lead to remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not need...
Out-of-bounds
In the ihevcdallocatestaticbufs and ihevcdcreate functions of SoftHEVC, there is a possible out-of-bounds write due to a use after free. Both pscodecobj and pscreateop-sivdcreateopt.pvhandle point to the same memory and pscodecobj could be freed without clearing pscreateop-sivdcreateopt.pvhandle...
Design/Logic Flaw
In Bitmap.ccp if Bitmap.nativeCreate fails an out of memory exception is not thrown leading to a java.io.IOException later on. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2017-0855
In MPEG4Extractor.cpp, there are several places where functions return early without cleaning up internal buffers which could lead to memory leaks. This could lead to remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not need...
Privilege escalation
In the ServiceManager::add function in the hardware service manager, there is an insecure permissions check based on the PID of the caller which could allow an application or service to replace a HAL service with its own service. This could lead to a local elevation of privilege enabling code...
Integer overflow
In the sendFormatChange function of ACodec, there is a possible integer overflow which could lead to an out-of-bounds write. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is not...
Design/Logic Flaw
In the ihevcdparsesps function of ihevcdparseheaders.c, several parameter values could be negative which could lead to negative indexes which could lead to an infinite loop. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed...
Out-of-bounds
In receivepacket of libnetutils/packet.c, there is a possible out-of-bounds write due to a missing bounds check on the DHCP response. This could lead to remote code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2017-13184
In the enableVSyncInjections function of SurfaceFlinger, there is a possible use after free of mVSyncInjector. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for...
CVE-2017-13200
An information disclosure vulnerability in the Android media framework av related to id3 unsynchronization. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-63100526...
CVE-2017-13177
The CVE-2017-13177 entry concerns a vulnerability in the Android Media Framework where several libhevc functions fail to preserve NEON registers. This can enable remote code execution (RCE) in a privileged process with no required user interaction, affecting Android versions 5.1.1, 6.0, 6.0.1, 7....
CVE-2017-13199
In Bitmap.ccp if Bitmap.nativeCreate fails an out of memory exception is not thrown leading to a java.io.IOException later on. This could lead to a remote denial of service of a critical system process with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2017-13182
In the sendFormatChange function of ACodec, there is a possible integer overflow which could lead to an out-of-bounds write. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is not...
CVE-2017-13212
CVE-2017-13212 is an Elevation of Privilege in Android’s systemui affecting Android 5.1.1–8.0. The vulnerable component is the Android System UI; root cause is not detailed in the provided documents. No exploitation details are provided. The Pixel/Nexus bulletin lists this CVE under the System ca...
Google Android Media Framework elevation of privilege vulnerability (CNVD-2018-00635)
Android is a Linux-based open source operating system jointly developed by Google and the Open Handset Alliance OHA, and MediaFramework is one of the frameworks used for multimedia development. An elevation of privilege vulnerability exists in Media Framework in Android versions 8.0 and 8.1. A...
Google Android System Component Elevation of Privilege Vulnerability
Android is a Linux-based open source operating system jointly developed by Google and the Open Handheld Alliance OHA. An elevation of privilege vulnerability exists in Android versions 8.0 and 8.1. A remote attacker can exploit this vulnerability to execute arbitrary code...
CVE-2017-13178
In the initDecoder function of SoftAVCDec, there is a possible out-of-bounds write to mCodecCtx due to a use after free when buffer allocation fails. This could lead to remote code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for...