3774 matches found
CVE-2018-9422
In getfutexkey of futex.c, there is a use-after-free due to improper locking. This could lead to local escalation of privilege with no additional privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-74250718 References: Upstre...
CVE-2018-9385
In driveroverridestore of bus.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android I...
Memory corruption
In taskgetunusedfdflags of binder.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android I...
CVE-2018-9415
In driveroverridestore and driveroverrideshow of bus.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel...
UBUNTU-CVE-2018-9385
In driveroverridestore of bus.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android I...
CVE-2018-9363
In the hidpprocessreport in bluetooth, there is an integer overflow. This could lead to an out of bounds write with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-65853588 References: Upstream...
CVE-2018-9465
Summary : CVE-2018-9465 affects the Android kernel, specifically the binder.c task_get_unused_fd_flags path, where a use-after-free can cause memory corruption. This could enable local privilege escalation with no extra privileges required and without user interaction. Multiple connected advisori...
CVE-2018-9422
In getfutexkey of futex.c, there is a use-after-free due to improper locking. This could lead to local escalation of privilege with no additional privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-74250718 References: Upstre...
CVE-2018-9415
In driveroverridestore and driveroverrideshow of bus.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel...
CVE-2018-9415
In driveroverridestore and driveroverrideshow of bus.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel...
CVE-2018-9516
In hiddebugeventsread of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android...
UBUNTU-CVE-2018-9516
In hiddebugeventsread of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android...
Google Android Kernel elevation of privilege vulnerability (CNVD-2019-01596)
Google Android is a Linux-based open source operating system jointly developed by Google and the Open Handset Alliance OHA in the U.S. Kernel is one of the kernel components used in the system. Google Android suffers from elevation of privilege vulnerabilities. These vulnerabilities can be...
Google Adds Control-Flow Integrity to Beef up Android Kernel Security
Google has added a new security feature to the latest Linux kernels for Android devices to prevent it against code reuse attacks that allow attackers to achieve arbitrary code execution by exploiting control-flow hijacking vulnerabilities. In code reuse attacks, attackers exploit memory corruptio...
Google Adds Control-Flow Integrity to Beef up Android Kernel Security
Google has added a new security feature to the latest Linux kernels for Android devices to prevent it against code reuse attacks that allow attackers to achieve arbitrary code execution by exploiting control-flow hijacking vulnerabilities. In code reuse attacks, attackers exploit memory corruptio...
The vulnerability of the `sdcardfs_open` function in the Android operating system’s kernel allows a hacker to increase their privileges.
The vulnerability of the sdcardfsopen function in the Android operating system’s kernel is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability can allow an attacker to gain increased privileges...
Vulnerability of the `sdcardfs_create` and `sdcardfs_mkdir` functions in the Android operating system’s kernel, allowing attackers to escalate their privileges
The vulnerabilities of the sdcardfscreate and sdcardfsmkdir functions in inode.c of the Android operating system stem from operations that go beyond the buffer boundaries in memory. Exploiting these vulnerabilities can allow attackers to gain increased privileges...
The vulnerability of the copy_process function in the Android operating system’s kernel allows a hacker to increase their privileges.
The vulnerability of the copyprocess function in the Android operating system’s kernel is caused by repeated memory release. Exploiting this vulnerability can allow an attacker to increase their privileges...
CVE-2018-9515
In sdcardfscreate and sdcardfsmkdir of inode.c, there is a possible memory corruption due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kerne...
CVE-2018-9514
In sdcardfsopen of file.c, there is a possible Use After Free due to an unusual root cause. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID:...