CVE-2018-5858

CVE-2018-5858 concerns an out-of-bounds access in the audio debugfs for Android CAF builds using the Linux kernel, affecting Android for MSM, Firefox OS for MSM, and QRD Android prior to the 2018-07-05 security patch level. The issue is triggered via the audio debugfs component of the kernel, wit...

CVE-2017-18261

The archtimerregreadstable macro in arch/arm64/include/asm/archtimer.h in the Linux kernel, before 4.13, allows local users to cause a denial of service infinite recursion by writing to a file under /sys/kernel/debug in certain circumstances, as demonstrated by a scenario involving debugfs, ftrac...

CVE-2017-18261

The archtimerregreadstable macro in arch/arm64/include/asm/archtimer.h in the Linux kernel before 4.13 allows local users to cause a denial of service infinite recursion by writing to a file under /sys/kernel/debug in certain circumstances, as demonstrated by a scenario involving debugfs, ftrace,...

CVE-2017-18261

The archtimerregreadstable macro in arch/arm64/include/asm/archtimer.h in the Linux kernel before 4.13 allows local users to cause a denial of service infinite recursion by writing to a file under /sys/kernel/debug in certain circumstances, as demonstrated by a scenario involving debugfs, ftrace,...

UBUNTU-CVE-2017-18261

The archtimerregreadstable macro in arch/arm64/include/asm/archtimer.h in the Linux kernel before 4.13 allows local users to cause a denial of service infinite recursion by writing to a file under /sys/kernel/debug in certain circumstances, as demonstrated by a scenario involving debugfs, ftrace,...

Design/Logic Flaw

The archtimerregreadstable macro in arch/arm64/include/asm/archtimer.h in the Linux kernel before 4.13 allows local users to cause a denial of service infinite recursion by writing to a file under /sys/kernel/debug in certain circumstances, as demonstrated by a scenario involving debugfs, ftrace,...

CVE-2017-18261

The archtimerregreadstable macro in arch/arm64/include/asm/archtimer.h in the Linux kernel before 4.13 allows local users to cause a denial of service infinite recursion by writing to a file under /sys/kernel/debug in certain circumstances, as demonstrated by a scenario involving debugfs, ftrace,...

CVE-2017-18261

The archtimerregreadstable macro in arch/arm64/include/asm/archtimer.h in the Linux kernel before 4.13 allows local users to cause a denial of service infinite recursion by writing to a file under /sys/kernel/debug in certain circumstances, as demonstrated by a scenario involving debugfs, ftrace,...

Huawei P8 wkupccpu debugfs Kernel Buffer Overflow Vulnerability

Exploit for hardware platform in category dos / poc Vulnerability Summary The following advisory describes a buffer overflow found in Huawei P8 Lite ALE-21 HI621sft, operating system versions EMUI 3.1 – wkupccpu debugfs driver. Huawei Technologies Co. Ltd. is “a multinational networking and...

CVE-2017-9686

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a possible double free/use after free in the SPS driver when debugfs logging is used...

CVE-2017-9687

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, two concurrent threads/processes can write the value of "0" to the debugfs file that controls ipa ipc log which will lead to the double-free in ipclogcontextdestroy. Another issue is th...

CVE-2017-9697

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition can allow access to already freed memory while reading command registration table entries in diagdbgfsreadtable...

CVE-2017-9686

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a possible double free/use after free in the SPS driver when debugfs logging is used...

Double free

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a possible double free/use after free in the SPS driver when debugfs logging is used...

CVE-2017-9686

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a possible double free/use after free in the SPS driver when debugfs logging is used...

CVE-2017-9687

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, two concurrent threads/processes can write the value of "0" to the debugfs file that controls ipa ipc log which will lead to the double-free in ipclogcontextdestroy. Another issue is th...

CVE-2017-9686

The CVE-2017-9686 issue affects the Qualcomm SPS driver in Android environments (CAF/Linux kernel variants that include Android for MSM/CAF). Root cause is a double free/use-after-free in the SPS driver when debugfs logging is enabled. Reported impact includes local access with partial confidenti...

CVE-2017-9687

CVE-2017-9687 involves a race between two concurrent threads/processes in Android for MSM (and related CAF/Linux kernel builds) where they can write the value "0" to a debugfs file that controls ipa ipc log. This can lead to a double-free in ipc_log_context_destroy() and a Use-After-Free when the...

CVE-2017-9686

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a possible double free/use after free in the SPS driver when debugfs logging is used...

Memory corruption

In all Qualcomm products with Android releases from CAF using the Linux kernel, using a debugfs node, a write to a PCIe register can cause corruption of kernel memory...