CVE-2017-13293

In the nfchcicmdreceived function of core.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android...

CVE-2017-13305

A information disclosure vulnerability in the Upstream kernel encrypted-keys. Product: Android. Versions: Android kernel. Android ID: A-70526974...

DEBIAN-CVE-2017-13305

A information disclosure vulnerability in the Upstream kernel encrypted-keys. Product: Android. Versions: Android kernel. Android ID: A-70526974...

UBUNTU-CVE-2017-13306

A elevation of privilege vulnerability in the Upstream kernel mnh driver. Product: Android. Versions: Android kernel. Android ID: A-70295063...

UBUNTU-CVE-2017-13307

A elevation of privilege vulnerability in the Upstream kernel pci sysfs. Product: Android. Versions: Android kernel. Android ID: A-69128924...

UBUNTU-CVE-2017-13304

A information disclosure vulnerability in the Upstream kernel mnhsm driver. Product: Android. Versions: Android kernel. Android ID: A-70576999...

Information disclosure

A information disclosure vulnerability in the Broadcom bcmdhd driver. Product: Android. Versions: Android kernel. Android ID: A-71359108. References: B-V2018010501...

CVE-2017-13303

A information disclosure vulnerability in the Broadcom bcmdhd driver. Product: Android. Versions: Android kernel. Android ID: A-71359108. References: B-V2018010501...

CVE-2017-13293

In the nfchcicmdreceived function of core.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android...

CVE-2017-13304

CVE-2017-13304 describes an information disclosure vulnerability in the Upstream kernel mnh_sm driver affecting Android kernels (notably on Pixel/Nexus devices). The connected CNVD entry explicitly states that the vulnerability exists in the kernel mnh_sm driver and that an attacker can obtain in...

UBUNTU-CVE-2017-13305

A information disclosure vulnerability in the Upstream kernel encrypted-keys. Product: Android. Versions: Android kernel. Android ID: A-70526974...

CVE-2017-17770

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in a power driver ioctl handler, an Untrusted Pointer Dereference may potentially occur...

CVE-2017-13292

In wlgetassocies of wlcfg80211.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android...

PT-2018-3974 · Google +2 · Android Kernel +2

Name of the Vulnerable Software and Affected Versions: Android kernel versions affected versions not specified Description: The issue is related to a possible use after free due to a race condition in the pppol2tp create function of l2tp ppp.c. This could lead to local escalation of privilege,...

CVE-2017-17764

In all Qualcomm products with Android releases from CAF using the Linux kernel, the numfailureinfo value from firmware is not properly validated in wmarxaggrfailureeventhandler so that an integer overflow vulnerability in a buffer size calculation may potentially lead to a buffer overflow...

CVE-2017-13273

In xtqtaguid.c, there is a race condition due to insufficient locking. This could lead to local elevation of privileges with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-65853158...

Information disclosure

In XBLRamDump mode, there is a debug feature that can be used to dump memory contents, if an attacker has physical access to the device. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Androi...

CVE-2017-13247

In the Pixel 2 bootloader, there is a missing permission check which bypasses carrier bootloader lock. This could lead to local elevation of privileges with user execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID:...

Google Android Kernel Component Elevation of Privilege Vulnerability (CNVD-2018-05459)

Android is a free and open source Linux-based operating system led and developed by Google Inc. and the Open Handset Alliance. An elevation of privilege vulnerability exists in the Google Android Kernel component Kernel. An attacker can exploit this vulnerability to achieve elevation of privilege...

Google Android Kernel Component Elevation of Privilege Vulnerability (CNVD-2018-05460)

Android is a free and open source Linux-based operating system led and developed by Google Inc. and the Open Handset Alliance. An elevation of privilege vulnerability exists in the Google Android Kernel component Multi-queue block IO. An attacker can exploit this vulnerability to achieve elevatio...