Ubuntu 14.04 LTS : Linux kernel (Xenial HWE) vulnerabilities (USN-3797-2)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3797-2 advisory. USN-3797-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enableme...

Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-3797-1)

The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3797-1 advisory. Noam Rathaus discovered that a use-after-free vulnerability existed in the Infiniband implementation in the Linux kernel. An attacker could use this to...

CVE-2018-11863

In all android releases Android for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, lack of check of input received from firmware to calculate the length of WMA roam synch buffer can lead to buffer overwrite during memcpy...

CVE-2018-11296

In all android releases Android for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, while processing a message from firmware in WLAN handler, a buffer overwrite can occur...

CVE-2018-11863

The CVE-2018-11863 issue affects Android variants built on CAF Linux kernel. The root cause is a missing input length check when processing firmware data to determine the length of the WMA roam synch buffer, which can lead to a buffer overwrite during memcpy. The vulnerability is categorized unde...

CVE-2018-11863

In all android releases Android for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, lack of check of input received from firmware to calculate the length of WMA roam synch buffer can lead to buffer overwrite during memcpy...

CVE-2018-11296

In all android releases Android for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, while processing a message from firmware in WLAN handler, a buffer overwrite can occur...

CVE-2018-11296

CVE-2018-11296 is a Qualcomm WLAN Host buffer overflow affecting Android on Pixel/Nexus devices, caused by a buffer overwrite while processing a firmware message in the WLAN handler. The vulnerability is in the Qualcomm WLAN Host within CAF/Linux-based builds. Impact is memory corruption potentia...

Design/Logic Flaw

In wlanhddcfg80211vendorscan in all Android releases from CAF using the Linux kernel Android for MSM, Firefox OS for MSM, QRD Android before security patch level 2018-07-05, when SCANSSIDS and QCAWLANVENDORATTRSCANFREQUENCIES are parsed, a buffer overwrite can potentially occur...

CVE-2018-5862

In wlanhddcfg80211vendorscan in all Android releases from CAF using the Linux kernel Android for MSM, Firefox OS for MSM, QRD Android before security patch level 2018-07-05, when SCANSSIDS and QCAWLANVENDORATTRSCANFREQUENCIES are parsed, a buffer overwrite can potentially occur...

CVE-2018-5862

CVE-2018-5862 concerns Android CAF builds using the Linux kernel. In __wlan_hdd_cfg80211_vendor_scan(), when parsing SCAN_SSIDS and QCA_WLAN_VENDOR_ATTR_SCAN_FREQUENCIES, a buffer overwrite can potentially occur in all Android releases before patch level 2018-07-05. CVSS data in the entry shows l...

CVE-2018-5893

While processing a message from firmware in httt2hmsghandlerfast in Android releases from CAF using the linux kernel Android for MSM, Firefox OS for MSM, QRD Android before security patch level 2018-06-05, a buffer overwrite can occur...

CVE-2018-5834

In wlanhddcfg80211vendorscan, a buffer overwrite can potentially occur in Android releases from CAF using the linux kernel Android for MSM, Firefox OS for MSM, QRD Android before security patch level 2018-06-05...

Buffer overflow

In wlanhddcfg80211vendorscan, a buffer overwrite can potentially occur in Android releases from CAF using the linux kernel Android for MSM, Firefox OS for MSM, QRD Android before security patch level 2018-06-05...

CVE-2018-5834

In wlanhddcfg80211vendorscan, a buffer overwrite can potentially occur in Android releases from CAF using the linux kernel Android for MSM, Firefox OS for MSM, QRD Android before security patch level 2018-06-05...

CVE-2018-5893

CVE-2018-5893 is a buffer overwrite in the Qualcomm WLAN driver (htt_t2h_msg_handler_fast()) within Android CAF/Linux kernel for MSM devices. Root cause: buffer overwrite during firmware message processing. Affected: Qualcomm WLAN component in Android on CAF Android for MSM, Firefox OS for MSM, Q...

CVE-2018-5834

CVE-2018-5834 affects Android CAF WLAN components (Android for MSM, Firefox OS for MSM, QRD Android) via a buffer overwrite in the kernel interface path __wlan_hdd_cfg80211_vendor_scan(). The issue is described as a potential buffer overwrite in CAF Android releases before the 2018-06-05 patch le...

CVE-2018-5893

While processing a message from firmware in httt2hmsghandlerfast in Android releases from CAF using the linux kernel Android for MSM, Firefox OS for MSM, QRD Android before security patch level 2018-06-05, a buffer overwrite can occur...

Heap overflow

Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and prior utilizes a fixed-length heap buffer where a value larger than the buffer can be read from a .dpa file into the buffer, causing the buffer to be overwritten. This may allow remote code execution or cause the applicatio...

Input validation

In the function wmapdevdivinfoevthandler in all Android releases from CAF Android for MSM, Firefox OS for MSM, QRD Android using the Linux Kernel, there is no upper bound check on the value event-numchainsvalid received from firmware which can lead to a buffer overwrite of the fixed size...