Stack overflow

In all Android releases from CAF using the Linux kernel, an array index in an ALSA routine is not properly validating potentially leading to kernel stack corruption...

CVE-2017-7369

CVE-2017-7369 affects Android CAF builds using the Linux kernel. The vulnerability stems from an array index in an ALSA routine not properly validating input, which can potentially lead to kernel stack corruption. Public details in the provided documents describe the root cause and impact but do ...

CVE-2017-7369

In all Android releases from CAF using the Linux kernel, an array index in an ALSA routine is not properly validating potentially leading to kernel stack corruption...

CVE-2017-7369

In all Android releases from CAF using the Linux kernel, an array index in an ALSA routine is not properly validating potentially leading to kernel stack corruption...

CVE-2014-9948

In TrustZone in all Android releases from CAF using the Linux kernel, an Improper Validation of Array Index vulnerability could potentially exist...

CVE-2014-9948

In TrustZone in all Android releases from CAF using the Linux kernel, an Improper Validation of Array Index vulnerability could potentially exist...

Adobe Reader DC XFA Array Index Integer Underflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within XFA's...

Aerospike Database Server RW Fabric Message Particle Type Code Execution Vulnerability

Summary An exploitable out-of-bounds indexing vulnerability exists within the RW fabric message particle type of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause the server to fetch a function table outside the bounds of an array resulting in remote code execution. An...

Code injection

Array index error in the msmsensorconfig function in kernel/SM-G9008VCHNKKOpensource/Kernel/drivers/media/platform/msm/camerav2/sensor/msmsensor.c in Samsung devices with Android KK4.4 or L and an APQ8084, MSM8974, or MSM8974pro chipset allows local users to have unspecified impact via the...

CVE-2016-4038

Array index error in the msmsensorconfig function in kernel/SM-G9008VCHNKKOpensource/Kernel/drivers/media/platform/msm/camerav2/sensor/msmsensor.c in Samsung devices with Android KK4.4 or L and an APQ8084, MSM8974, or MSM8974pro chipset allows local users to have unspecified impact via the...

CVE-2016-4038

Array index error in the msmsensorconfig function in kernel/SM-G9008VCHNKKOpensource/Kernel/drivers/media/platform/msm/camerav2/sensor/msmsensor.c in Samsung devices with Android KK4.4 or L and an APQ8084, MSM8974, or MSM8974pro chipset allows local users to have unspecified impact via the...

CVE-2016-4038

The CVE-2016-4038 issue affects Samsung devices running Android KK (4.4) or L on APQ8084, MSM8974, or MSM8974pro, due to an array bounds issue in msm_sensor_config (kernel/drivers/media/platform/msm/camera_v2/sensor/msm_sensor.c). Local users could exploit gpio_config.gpio_name to cause unspecifi...

CVE-2016-4038

Array index error in the msmsensorconfig function in kernel/SM-G9008VCHNKKOpensource/Kernel/drivers/media/platform/msm/camerav2/sensor/msmsensor.c in Samsung devices with Android KK4.4 or L and an APQ8084, MSM8974, or MSM8974pro chipset allows local users to have unspecified impact via the...

CVE-2016-8815

All versions of NVIDIA Windows GPU Display Driver contain a vulnerability in the kernel mode layer nvlddmkm.sys handler for DxgDdiEscape where a value passed from a user to the driver is used without validation as the index to an array, leading to denial of service or potential escalation of...

CVE-2016-8810

For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer nvlddmkm.sys handler for DxgDdiEscape ID 0x100009a where a value passed from an user to the driver is used without...

CVE-2016-8808

For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer nvlddmkm.sys handler for DxgDdiEscape ID 0x70000d5 where a value passed from an user to the driver is used without...

CVE-2016-7989

On Samsung Galaxy S4 through S7 devices, a malformed OTA WAP PUSH SMS containing an OMACP message sent remotely triggers an unhandled ArrayIndexOutOfBoundsException in Samsung's implementation of the WifiServiceImpl class within wifi-service.jar. This causes the Android runtime to continually...

The vulnerability of the Android operating system, which allows a hacker to increase their privileges

The vulnerability of the drivers/media/platform/msm/camerav2/isp/msmispaxiutil.c file of the Qualcomm Android operating system lies in the improper way in which array indices are checked. Exploiting this vulnerability allows a remote attacker to enhance their privileges through a specially create...

UBUNTU-CVE-2015-8941

drivers/media/platform/msm/camerav2/isp/msmispaxiutil.c in the Qualcomm components in Android before 2016-08-05 on Nexus 6 and 7 2013 devices does not properly validate array indexes, which allows attackers to gain privileges via a crafted application, aka Android internal bug 28814502 and Qualco...

Apple Mac OSX Kernel - Unchecked Array Index Used to Read Object Pointer Then Call Virtual Method in Nvidia Geforce Driver

Apple Mac OSX Kernel - Unchecked Array Index Used to Read Object Pointer Then Call Virtual Method in Nvidia Geforce Driver / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=709 nvDevice::ReleaseDeviceTexture is external method 0x10a of userclient 5 of the geforce IOAccelerator. ...