1662 matches found
CVE-2016-3864
The Qualcomm radio interface layer in Android before 2016-09-05 on Nexus 5, Nexus 5X, Nexus 6, Nexus 6P, and Android One devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28823714 and Qualcomm internal bug CR913117...
Code injection
The wcdcalhwdepioctlshared function in sound/soc/codecs/wcdcal-hwdep.c in the Qualcomm sound codec in Android before 2016-09-05 on Nexus 6P devices does not properly copy firmware data, which allows attackers to obtain sensitive information via a crafted application, aka Android internal bug...
Command injection
CORE/HDD/src/wlanhddwext.c in the Qualcomm Wi-Fi driver in Android before 2016-09-05 on Nexus 5X devices does not properly validate the arguments array, which allows attackers to gain privileges via a crafted application that sends a WEUNITTESTCMD command, aka Android internal bug 29944562 and...
Code injection
The Qualcomm IPA driver in Android before 2016-09-05 on Nexus 5X and 6P devices allows attackers to gain privileges via a crafted application, aka Android internal bug 28919863 and Qualcomm internal bug CR1037897...
CVE-2016-3897
CVE-2016-3897 affects Android Wi‑Fi: the WifiEnterpriseConfig.java class’s toString() returns the stored password, enabling information disclosure. Affected: Android 4.x before 4.4.4; 5.0.x before 5.0.2; 5.1.x before 5.1.1; 6.x before 2016-09-01. Root cause: sensitive password data is exposed in ...
Google Android - libutils UTF16 to UTF8 Conversion Heap Buffer Overflow
Google Android - libutils UTF16 to UTF8 Conversion Heap Buffer Overflow Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=840 There's an inconsistency between the way that the two functions in libutils/Unicode.cpp handle invalid surrogate pairs in UTF16, resulting in a mismatch...
Android - libutils UTF16 to UTF8 Conversion Heap Buffer Overflow
Exploit for Android platform in category remote exploits Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=840 There's an inconsistency between the way that the two functions in libutils/Unicode.cpp handle invalid surrogate pairs in UTF16, resulting in a mismatch between the size...
CVE-2015-8938
The MSM camera driver in the Qualcomm components in Android before 2016-08-05 on Nexus 6 devices does not validate input parameters, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28804030 and Qualcomm internal bug CR766022...
CVE-2014-9874
Buffer overflow in the Qualcomm components in Android before 2016-08-05 on Nexus 5, 5X, 6P, and 7 2013 devices allows attackers to gain privileges via a crafted application, related to arch/arm/mach-msm/qdsp6v2/audioutils.c and sound/soc/msm/qdsp6v2/q6asm.c, aka Android internal bug 28751152 and...
CVE-2014-9873
Integer underflow in drivers/char/diag/diagdci.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 2013 devices allows attackers to gain privileges or obtain sensitive information via a crafted application, aka Android internal bug 28750726 and Qualcomm internal bug CR55686...
CVE-2014-9878
drivers/mmc/card/mmcblocktest.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not reject kernel-space buffer addresses, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28769208 and Qualcomm internal bug CR547479...
CVE-2014-9871
Multiple buffer overflows in drivers/media/platform/msm/camerav2/isp/msmisputil.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 2013 devices allow attackers to gain privileges via a crafted application, aka Android internal bug 28749803 and Qualcomm internal bug CR51471...
CVE-2014-9869
drivers/media/platform/msm/camerav2/isp/msmispstatsutil.c in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 2013 devices does not validate certain index values, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28749728 and Qualco...
Design/Logic Flaw
drivers/char/diag/diagdci.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 2013 devices allows attackers to gain privileges via a crafted application that sends short DCI request packets, aka Android internal bug 28767589 and Qualcomm internal bug CR483310...
CVE-2014-9879
The mdss mdp3 driver in the Qualcomm components in Android before 2016-08-05 on Nexus 5 devices does not validate user-space data, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28769221 and Qualcomm internal bug CR524490...
Buffer overflow
drivers/media/radio/radio-iris.c in the Qualcomm components in Android before 2016-08-05 on Nexus 7 2013 devices uses an incorrect integer data type, which allows attackers to gain privileges or cause a denial of service buffer overflow via a crafted application, aka Android internal bug 28769368...
Code injection
The ethtoolgetwol function in net/core/ethtool.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 2013 devices, does not initialize a certain data structure, which allows local users to obtain sensitive information via a crafted application, aka Android...
CVE-2014-9863
Integer underflow in the diag driver in the Qualcomm components in Android before 2016-08-05 on Nexus 5 and 7 2013 devices allows attackers to gain privileges or obtain sensitive information via a crafted application, aka Android internal bug 28768146 and Qualcomm internal bug CR549470...
CVE-2014-9888
arch/arm/mm/dma-mapping.c in the Linux kernel before 3.13 on ARM platforms, as used in Android before 2016-08-05 on Nexus 5 and 7 2013 devices, does not prevent executable DMA mappings, which might allow local users to gain privileges via a crafted application, aka Android internal bug 28803642 a...
Out-of-bounds
drivers/media/video/msm/msmmctlbuf.c in the Qualcomm components in Android before 2016-08-05 does not validate the image mode, which allows attackers to cause a denial of service out-of-bounds array access or possibly have unspecified other impact via a crafted application, aka Qualcomm internal...