The vulnerability of the libstagefright library in the Media Framework of the Android operating system allows a hacker to execute arbitrary code.

The vulnerability of the libstagefright library in the Media Framework of the Android operating system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code within the context of a privileged process remotely...

The vulnerability of the multimedia framework of the Android operating system allows a perpetrator to gain access to protected data or execute arbitrary code.

The vulnerability of the multimedia framework of the Android operating system is related to the lack of protection for service data. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain access to protected data or execute arbitrary code within a privileged process...

Code injection

drivers/net/ethernet/msm/rndisipa.c in the Qualcomm networking driver in Android allows remote attackers to execute arbitrary code via a crafted application compromising a privileged process...

CVE-2016-5868

drivers/net/ethernet/msm/rndisipa.c in the Qualcomm networking driver in Android allows remote attackers to execute arbitrary code via a crafted application compromising a privileged process...

The vulnerability of the Bluetooth Network Encapsulation Protocol (BNEP) in the Android operating system allows a hacker to execute arbitrary code within the context of a privileged process.

The vulnerability of the Bluetooth Network Encapsulation Protocol BNEP in the Android operating system is related to buffer overflow vulnerabilities in dynamic memory. Exploiting this vulnerability can allow a remote attacker to trigger a buffer overflow and execute arbitrary code on the device...

The vulnerability in the Bluetooth Network Encapsulation Protocol (BNEP) operating system’s profile allows a intruder to execute arbitrary code within the context of a privileged process.

The vulnerability in the Bluetooth Network Encapsulation Protocol BNEP service of the Android operating system lies in the loss of a whole bit. Exploiting this vulnerability allows an attacker to compromise the integrity of memory and gain full control over the device...

Android Security Bulletin—July 2017Stay organized with collectionsSave and categorize content based on your preferences.

The Android Security Bulletin contains details of security vulnerabilities affecting Android devices. Security patch levels of July 05, 2017 or later address all of these issues. Refer to the Pixel and Nexus update schedule to learn how to check a device's security patch level. Partners were...

The vulnerability of the Windows operating system’s kernel allows a hacker to execute code within the context of a privileged process.

The vulnerability of the Windows operating system’s kernel is related to improper data handling in the device’s memory. Exploiting this vulnerability allows a local attacker to execute code within the context of a privileged process...

CVE-2017-0650

An information disclosure vulnerability in the Synaptics touchscreen driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Low because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10,...

CVE-2017-0649

An elevation of privilege vulnerability in the MediaTek sound driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Moderate because it first requires compromising a privileged process and because of vulnerability...

CVE-2017-0651

An information disclosure vulnerability in the kernel ION subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Low because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android...

Information disclosure

An information disclosure vulnerability in the Synaptics touchscreen driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Low because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10,...

CVE-2017-0636

An elevation of privilege vulnerability in the MediaTek command queue driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions:...

CVE-2017-0650

An information disclosure vulnerability in the Synaptics touchscreen driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Low because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10,...

The vulnerability of the Android operating system, allowing a hacker to execute arbitrary code

The vulnerability of MediaTek’s Android operating system driver is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code within the kernel context. This issue is considered “high” because it requires compromising privileged...

The vulnerability of the Android operating system, allowing a hacker to execute arbitrary code

The vulnerability of the MediaTek Video Driver for the Android operating system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code within the kernel context, thereby enabling the execution of malicious applications...

The vulnerability of the Android operating system, allowing a hacker to execute arbitrary code

The vulnerability of the Qualcomm Secure Execution Environment Communicator driver for the Android operating system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the kernel context from a local malicious...

ISC BIND 9 Elevation of Privilege Vulnerability

ISC BIND is the United States Internet Systems Consortium ISC company maintains a set of open source software that implements the DNS protocol. An elevation of privilege vulnerability exists in ISC BIND 9. An attacker can exploit this vulnerability to execute arbitrary code in the context of a...

The vulnerability of Synaptics’ sensor screen driver in the Android operating system allows a hacker to execute arbitrary code.

The vulnerability of Synaptics’ touchscreen display driver in the Android operating system is related to deficiencies in access control. Exploiting this vulnerability allows a remote attacker to execute arbitrary malicious applications on the touchscreen chipset. This issue is considered “highly...

The vulnerability of the Audioserver component of the Android operating system, which allows a hacker to execute arbitrary code.

The vulnerability in the Android operating system’s Audioserver relates to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code within a privileged process remotely. This issue is considered “highly critical” because it could be used to...