86 matches found
CVE-2015-9038
In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer may be dereferenced in the front end...
CVE-2015-9043
In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer can be dereferenced upon the expiry of a timer...
Buffer overflow
In all Qualcomm products with Android releases from CAF using the Linux kernel, validation of buffer lengths is missing in malware protection...
Heap overflow
In all Qualcomm products with Android releases from CAF using the Linux kernel, the camera application can possibly request frame/command buffer processing with invalid values leading to the driver performing a heap buffer over-read...
Design/Logic Flaw
In all Qualcomm products with Android releases from CAF using the Linux kernel, disabling asserts can potentially cause a NULL pointer dereference during an out-of-memory condition...
Code injection
In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in GNSS when performing a scan after bootup...
Integer overflow
In all Qualcomm products with Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in the hypervisor...
CVE-2014-9969
In all Qualcomm products with Android releases from CAF using the Linux kernel, the GPS client may use an insecure cryptographic algorithm...
Design/Logic Flaw
In all Qualcomm products with Android releases from CAF using the Linux kernel, an argument to a hypervisor function is not properly validated...
Design/Logic Flaw
In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was potentially reachable in a memory management routine...
CVE-2015-9034
Summary: CVE-2015-9034 is a buffer overflow in Qualcomm closed-source components used in Android CAF builds with the Linux kernel, caused by a SIP string not being null-terminated. This vulnerability affects Qualcomm components in Android and has a CVSS v3 base score of 9.8 (CRITICAL) with networ...
CVE-2016-10382
In all Qualcomm products with Android releases from CAF using the Linux kernel, access control to the I2C bus is not sufficient...
CVE-2016-10343
In all Qualcomm products with Android releases from CAF using the Linux kernel, sSL handshake failure with ClientHello rejection results in memory leak...
CVE-2017-8253
In all Qualcomm products with Android releases from CAF using the Linux kernel, kernel memory can potentially be overwritten if an invalid master is sent from userspace...
Code injection
In all Qualcomm products with Android releases from CAF using the Linux kernel, kernel stack data can be leaked to userspace by an audio driver...
CVE-2017-7366
In all Android releases from CAF using the Linux kernel, a KGSL ioctl was not validating all of its parameters...
Code injection
In all Android releases from CAF using the Linux kernel, a vulnerability exists in the parsing of an SCM call...
UBUNTU-CVE-2017-8241
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a WLAN function due to an incorrect message length...
Input validation
In UIM in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist...
CVE-2014-9941
In the Embedded File System in all Android releases from CAF using the Linux kernel, a Time-of-Check Time-of-Use Race Condition vulnerability could potentially exist...