9730 matches found
CVE-2017-0335
CVE-2017-0335 affects the NVIDIA GPU driver on Android (Kernel-3.18) with a local elevation of privilege that could allow a malicious app to execute code in the kernel. Public details in the Android 2017-03-01/03-05 security bulletins indicate this vulnerability is addressed by patches delivered ...
CVE-2017-0306
CVE-2017-0306 affects the NVIDIA Tegra GPU driver (NVHOST) within the Android kernel (Kernel-3.10). A vulnerability in the NVHOST driver copies an input buffer to an output buffer without validating size, which can lead to denial of service and may enable local privilege escalation by a malicious...
CVE-2017-0501
CVE-2017-0501 : Elevation of privilege in MediaTek components (including M4U, sound, touchscreen, GPU, and Command Queue drivers) could allow a local malicious app to execute arbitrary code in the kernel context on Android. The vulnerability is rated Critical due to potential permanent device com...
CVE-2017-0503
Technical details sufficient to assess affected components, root cause, or fixes are not publicly provided in the supplied documents. Please monitor for updates from official vulnerability feeds for CVE-2017-0503.
CVE-2017-0500
CVE-2017-0500 is an elevation of privilege vulnerability in MediaTek components used in Android, affecting multiple kernel drivers (M4U, sound, touchscreen, GPU, Command Queue). The issue could let a local malicious app execute arbitrary code in the kernel context. Exploitation is local and requi...
CVE-2017-0505
CVE-2017-0505 is an elevation-of-privilege issue in MediaTek components (M4U, sound, touchscreen, GPU, and Command Queue drivers) for Android. A local attacker could execute arbitrary code in the kernel context. The 2017-03 Android bulletin lists CVE-2017-0505 with Android ID A-31822282 and notes...
CVE-2017-0504
CVE-2017-0504 is an elevation-of-privilege vulnerability in MediaTek components used by Android, including the M4U, sound, touchscreen, GPU, and Command Queue drivers. The flaw could let a local malicious app execute arbitrary code within the kernel, potentially leading to a permanent device comp...
CVE-2017-0333
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...
CVE-2017-0334
CVE-2017-0334 is an information-disclosure vulnerability in the NVIDIA GPU driver affecting Android on kernel 3.18 (Android ID A-33245849) where a local malicious app could access data outside its permission levels. The provided documents state the issue is an information disclosure with high imp...
SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2017:0625-1)
This update for qemu fixes several issues. These security issues were fixed : - CVE-2017-5898: The CCID Card device emulator support was vulnerable to an integer overflow flaw allowing a privileged user to crash the Qemu process on the host resulting in DoS bsc1023907. - CVE-2017-5857: The Virtio...
CVE-2017-0333
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...
CVE-2017-0338
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...
CVE-2017-0335
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...
CVE-2017-0306
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...
CVE-2017-0337
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...
CVE-2016-8479
An elevation of privilege vulnerability in the Qualcomm GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...
Out-of-bounds
The virglcmdgetcapset function in hw/display/virtio-gpu-3d.c in QEMU aka Quick Emulator built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service out-of-bounds read and process crash via a VIRTIOGPUCMDGETCAPSET command with a maximum capabilities size...
Out-of-bounds
The virtiogpusetscanout function in QEMU aka Quick Emulator built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service out-of-bounds read and process crash via a scanout id in a VIRTIOGPUCMDSETSCANOUT command larger than numscanouts...
CVE-2016-10028
The virglcmdgetcapset function in hw/display/virtio-gpu-3d.c in QEMU aka Quick Emulator built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service out-of-bounds read and process crash via a VIRTIOGPUCMDGETCAPSET command with a maximum capabilities size...
DEBIAN-CVE-2016-10028
The virglcmdgetcapset function in hw/display/virtio-gpu-3d.c in QEMU aka Quick Emulator built with Virtio GPU Device emulator support allows local guest OS users to cause a denial of service out-of-bounds read and process crash via a VIRTIOGPUCMDGETCAPSET command with a maximum capabilities size...