CVE-2017-0648

An elevation of privilege vulnerability in the kernel FIQ debugger could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High due to the possibility of a local permanent device compromise, which may require reflashing the...

Privilege escalation

An elevation of privilege vulnerability in the kernel FIQ debugger could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High due to the possibility of a local permanent device compromise, which may require reflashing the...

CVE-2017-0648

An elevation of privilege vulnerability in the kernel FIQ debugger could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High due to the possibility of a local permanent device compromise, which may require reflashing the...

CVE-2017-0648

CVE-2017-0648 is a local elevation-of-privilege in the Android kernel FIQ debugger. The issue arises from the FIQ debugger and SysRq access enabling arbitrary kernel code execution when exploited by a local attacker via a compromised device. Technical details in the connected sources show the roo...

Nexus 9 vs. Malicious Headphones, Take Two

Nexus 9 vs. Malicious Headphones, Take Two In March 2017 we disclosed CVE-2017-0510, a critical vulnerability in Nexus 9, that allowed for quite unique an attack by malicious headphones. Interestingly, its patch was insufficient. We had responsibly reported that finding CVE-2017-0648 to Google,...

Google Nexus Kernel FIQ Debugger Elevation of Privilege Vulnerability

Android on Nexus 9 is a Linux-based open source operating system for the Nexus 9 tablet developed by Google and the Open Handheld Alliance OHA. kernel FIQ debugger is one of the kernel debugger components. A security vulnerability exists in the kernel FIQ debugger in Android on Nexus 9 devices. A...

Nexus 9 With Malicious Headphones Vulnerability

Nexus 9 running Android version 7.1.1 build N4F26Q and below allows unauthorized access to the FIQ debugger via its headphones jack, which allows for information theft, weakening of ASLR, leaking of stack canaries, and more. Title: Attacking Nexus 9 with Malicious Headphones Identifier:...

Google Nexus 9 Unauthorized Access to FIQ Debugger（CVE-2017-0510）

Nexus 9 allows unauthorized access to the FIQ debugger via its headphones jack. This allows for sensitive information theft, via malicious headphones, out of any process. Moreover it allows the adversary to reboot the device into HBOOT, which may aid in further exploitation such as accessing...

CVE-2017-0510

An elevation of privilege vulnerability in the kernel FIQ debugger could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

Privilege escalation

An elevation of privilege vulnerability in the kernel FIQ debugger could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

CVE-2017-0510

CVE-2017-0510 describes an elevation-of-privilege vulnerability in the Android kernel FIQ debugger that could allow a local malicious app to execute code in kernel context. Affected: Android on Kernel-3.10 (Nexus 9 cited). Impact: potential local permanent device compromise requiring OS reflashin...

CVE-2017-0510

An elevation of privilege vulnerability in the kernel FIQ debugger could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

CVE-2017-0510

An elevation of privilege vulnerability in the kernel FIQ debugger could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...