86 matches found
Code injection
In TrustZone a cryptographic issue can potentially occur in all Android releases from CAF using the Linux kernel...
CVE-2017-8246
In function msmpcmplaybackclose in all Android releases from CAF using the Linux kernel, prtd is assigned substream-runtime-privatedata. Later, prtd is freed. However, prtd is not sanitized and set to NULL, resulting in a dangling pointer. There are other functions that access the same memory...
CVE-2014-9927
In UIM in all Android releases from CAF using the Linux kernel, a Buffer Copy without Checking Size of Input vulnerability could potentially exist...
CVE-2014-9934
A PKCS1 v1.5 signature verification routine in all Android releases from CAF using the Linux kernel may not check padding...
CVE-2014-9931
A buffer overflow vulnerability in all Android releases from CAF using the Linux kernel can potentially occur if an OEM performs an app region size customization due to a hard-coded value...
CVE-2014-9933
Due to missing input validation in all Android releases from CAF using the Linux kernel, HLOS can write to fuses for which it should not have access...