1768 matches found
Integer overflow
Integer overflow in app/aboot/aboot.c in the Qualcomm bootloader in Android before 2016-08-05 on Nexus 5, 5X, 6P, and 7 2013 devices allows attackers to gain privileges via a crafted header field in a boot image, aka Android internal bug 27917291 and Qualcomm internal bug CR945164...
CVE-2016-3851
CVE-2016-3851 concerns an elevation-of-privilege issue in the LG Electronics bootloader on Nexus 5X devices. The vulnerability arises when a compromised privileged process can be leveraged to gain higher privileges within the system. Public details confirm this is a local escalation risk affectin...
CVE-2016-3851
The LG Electronics bootloader Android before 2016-08-05 on Nexus 5X devices allows attackers to gain privileges by leveraging access to a privileged process, aka internal bug 29189941...
CVE-2016-3850
CVE-2016-3850 describes an integer overflow in aboot.c (Qualcomm bootloader) affecting Android devices prior to 2016-08-05, including Nexus 5, 5X, 6P, and 7 (2013). The vulnerability allows privilege escalation via a crafted header field in a boot image. The provided documents do not specify exac...
CVE-2016-3850
Integer overflow in app/aboot/aboot.c in the Qualcomm bootloader in Android before 2016-08-05 on Nexus 5, 5X, 6P, and 7 2013 devices allows attackers to gain privileges via a crafted header field in a boot image, aka Android internal bug 27917291 and Qualcomm internal bug CR945164...
Android Qualcomm Bootloader Denial of Service Vulnerability
Android on Nexus 5 and 7 is an open source Linux-based operating system for the Nexus 5 and 7 smartphones developed by Google and the Open Handset Alliance OHA.The Qualcomm bootloader is a Qualcomm-developed bootloader that is used in the... Qualcomm bootloader is a Qualcomm-developed bootloader....
CVE-2015-8893
app/aboot/aboot.c in the Qualcomm bootloader in Android before 2016-07-05 on Nexus 5 and 7 2013 devices allows attackers to cause a denial of service OS outage or buffer over-read via a crafted application, aka Android internal bug 28822690 and Qualcomm internal bug CR822275...
Design/Logic Flaw
app/aboot/aboot.c in the Qualcomm bootloader in Android before 2016-07-05 on Nexus 5 and 7 2013 devices allows attackers to cause a denial of service OS outage or buffer over-read via a crafted application, aka Android internal bug 28822690 and Qualcomm internal bug CR822275...
CVE-2014-9798
platform/msmshared/devtree.c in the Qualcomm bootloader in Android before 2016-07-05 on Nexus 5 devices does not check the relationship between tags addresses and aboot addresses, which allows attackers to cause a denial of service OS outage via a crafted application, aka Android internal bug...
UBUNTU-CVE-2014-9798
platform/msmshared/devtree.c in the Qualcomm bootloader in Android before 2016-07-05 on Nexus 5 devices does not check the relationship between tags addresses and aboot addresses, which allows attackers to cause a denial of service OS outage via a crafted application, aka Android internal bug...
CVE-2015-8893
CVE-2015-8893 concerns the Qualcomm bootloader (aboot.c) in Android on Nexus 5 and Nexus 7 (2013) devices. A crafted application can cause a denial of service (OS outage or buffer over-read). The issue affects Android platforms pre-dating the 2016-07-05 patch level; the available connected docume...
CVE-2014-9798
CVE-2014-9798 concerns the Qualcomm bootloader on Nexus 5 running Android before 2016-07-05. The flaw arises in platform/msm_shared/dev_tree.c where the bootloader does not validate the relationship between tag addresses and aboot addresses, enabling a crafted application to cause a denial-of-ser...
CVE-2015-8893
app/aboot/aboot.c in the Qualcomm bootloader in Android before 2016-07-05 on Nexus 5 and 7 2013 devices allows attackers to cause a denial of service OS outage or buffer over-read via a crafted application, aka Android internal bug 28822690 and Qualcomm internal bug CR822275...
Android Qualcomm Bootloader Denial of Service Vulnerability
Android on Nexus 5 and 7 is an open source Linux-based operating system for the Nexus 5 and 7 smartphones developed by Google and the Open Handset Alliance OHA.The Qualcomm bootloader is a Qualcomm-developed bootloader that is used in the... Qualcomm bootloader is a Qualcomm-developed bootloader....
Scientific Linux Security Update : grub2 on SL7.x x86_64 (20151119)
It was discovered that grub2 builds for EFI systems contained modules that were not suitable to be loaded in a Secure Boot environment. An attacker could use this flaw to circumvent the Secure Boot mechanisms and load non- verified code. Attacks could use the boot menu if no password was set, or...
[SECURITY] Fedora 22 Update: grub2-2.02-0.18.fc22
The GRand Unified Bootloader GRUB is a highly configurable and customizab le bootloader with modular architecture. It support rich varietyof kernel for mats, file systems, computer architectures and hardware devices. This subpackage provides support for PC BIOS systems...
Moderate: Red Hat Security Advisory: grub2 security and bug fix update
Updated grub2 packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
[SECURITY] Fedora 23 Update: grub2-2.02-0.25.fc23
The GRand Unified Bootloader GRUB is a highly configurable and customizab le bootloader with modular architecture. It support rich varietyof kernel for mats, file systems, computer architectures and hardware devices. This subpackage provides support for PC BIOS systems...
libxl leak of pv kernel and initrd on error
ISSUE DESCRIPTION When constructing a guest which is configured to use a PV bootloader which runs as a userspace process in the toolstack domain e.g. pygrub libxl creates a mapping of the files to be used as kernel and initial ramdisk when building the guest domain. However if building the domain...
xen-tools -- libxl leak of pv kernel and initrd on error
The Xen Project reports: When constructing a guest which is configured to use a PV bootloader which runs as a userspace process in the toolstack domain e.g. pygrub libxl creates a mapping of the files to be used as kernel and initial ramdisk when building the guest domain. However if building the...