CVE-2016-5349

The high level operating systems HLOS was not providing sufficient memory address information to ensure that secure applications inside Qualcomm Secure Execution Environment QSEE only write to legitimate memory ranges related to the QSEE secure application's HLOS client. When secure applications...

Privilege escalation

The high level operating systems HLOS was not providing sufficient memory address information to ensure that secure applications inside Qualcomm Secure Execution Environment QSEE only write to legitimate memory ranges related to the QSEE secure application's HLOS client. When secure applications...

CVE-2016-5349

The high level operating systems HLOS was not providing sufficient memory address information to ensure that secure applications inside Qualcomm Secure Execution Environment QSEE only write to legitimate memory ranges related to the QSEE secure application's HLOS client. When secure applications...

UBUNTU-CVE-2016-5349

The high level operating systems HLOS was not providing sufficient memory address information to ensure that secure applications inside Qualcomm Secure Execution Environment QSEE only write to legitimate memory ranges related to the QSEE secure application's HLOS client. When secure applications...

CVE-2016-5349

Technical details for CVE-2016-5349 are not provided in the connected documents. Public disclosures contain general descriptions only; no concrete product/vendor/version/root-cause or fix information is available here. Monitor for updates from official advisories.

CVE-2016-5349

The high level operating systems HLOS was not providing sufficient memory address information to ensure that secure applications inside Qualcomm Secure Execution Environment QSEE only write to legitimate memory ranges related to the QSEE secure application's HLOS client. When secure applications...

The vulnerability of the Android operating system, which allows a perpetrator to trigger a service failure or otherwise affect the system.

The vulnerability of the Qualcomm Secure Execution Environment Communicator application for the Android operating system is related to the lack of protection for service data. Exploiting this vulnerability could allow a malicious actor to compromise data confidentiality through the use of a local...

Google Android Remote Elevation of Privilege Vulnerability (CNVD-2017-01392)

Android is a Linux-based open source operating system developed by Google Inc. and the Open Handheld Consortium. A security vulnerability in Qualcomm Secure Execution Environment Communicator in Android on multiple Google devices allows remote attackers to exploit the vulnerability to elevate...

Information disclosure

An information disclosure vulnerability in the Qualcomm Secure Execution Environment Communicator could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product:...

CVE-2016-8414

An information disclosure vulnerability in the Qualcomm Secure Execution Environment Communicator could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product:...

CVE-2016-8414

An information disclosure vulnerability in the Qualcomm Secure Execution Environment Communicator could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product:...

CVE-2016-8414

CVE-2016-8414 is an information-disclosure vulnerability in the Qualcomm Secure Execution Environment Communicator affecting Android. It permits a local attacker with a compromised privileged process to access data outside its permissions. Affected components are the Android kernel (Kernel-3.10 a...

The vulnerability of the Android operating system, which allows a hacker to trigger a buffer overflow.

The vulnerability in the trusted execution environment of Android’s operating system’s access control API arises due to buffer overflow. Exploiting this vulnerability can allow a malicious actor, operating remotely, to trigger a buffer overflow due to lack of size checking for the buffer...

PXE client computers freeze during multithread network transfers in Windows Server 2012 R2

PXE client computers freeze during multithread network transfers in Windows Server 2012 R2 Symptoms When you deploy Windows Server 2012 R2 through Windows Deployment Services WDS Pre-Boot Execution Environment PXE, the server CPU usage spikes to 100%. In this situation, client computers may freez...

Two CVE case study: how to use Android in the trusted zone-vulnerability warning-the black bar safety net

This article from the actual departure, about how to step by step use of Android in the trusted zone TrustZone on. Here I am using a Huawei hisilicon the Trusted Execution Environment Trusted Execution Environment, TEE on. First of all, I found one can gain kernel privilege vulnerabilities, and...

The vulnerability of the CODESYS Runtime Toolkit execution environment allows a perpetrator to read and write arbitrary files.

The vulnerability of the CODESYS Runtime Toolkit execution environment exists due to an incorrect limitation on the path name to the restricted directory. Exploiting this vulnerability allows a malicious actor to read, write, and create arbitrary files by utilizing the “..” element in the path wh...

[SECURITY] Fedora 24 Update: ganglia-3.7.2-10.fc24

Ganglia is a scalable, real-time monitoring and execution environment with all execution requests and statistics expressed in an open well-defined XML format...

From 0 to TrustZone in the second article: the QSEE mention the right vulnerability and the use of CVE-2 0 1 5-6 6 3 9-a vulnerability warning-the black bar safety net

! In this article, we discuss how to find and exploit a vulnerability, access to Qualcomm secure execution environmentQSEEof the code execute permissions. Related reading From 0 to TrustZone first article: explore the high-pass SEE safe executable environment QSEE attack surface In a previous...

QSEE - PRDiag* Commands Privilege Escalation

Exploit for Android platform in category local exploits Sources: https://bits-please.blogspot.ca/2016/05/qsee-privilege-escalation-vulnerability.html https://github.com/laginimaineb/cve-2015-6639 Qualcomm's Secure Execution Environment QSEE Privilege Escalation Exploit using PRDiag commands...

QSEE - PRDiag* Commands Privilege Escalation

QSEE - PRDiag Commands Privilege Escalation Sources: https://bits-please.blogspot.ca/2016/05/qsee-privilege-escalation-vulnerability.html https://github.com/laginimaineb/cve-2015-6639 Qualcomm's Secure Execution Environment QSEE Privilege Escalation Exploit using PRDiag commands CVE-2015-6639 Pro...