CVE-2017-0506

CVE-2017-0506 describes an elevation of privilege in MediaTek components (M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver) that could allow a local malicious app to execute arbitrary code in the kernel context. The vulnerability is rated as Critical due to the r...

CVE-2017-0306

CVE-2017-0306 affects the NVIDIA Tegra GPU driver (NVHOST) within the Android kernel (Kernel-3.10). A vulnerability in the NVHOST driver copies an input buffer to an output buffer without validating size, which can lead to denial of service and may enable local privilege escalation by a malicious...

CVE-2017-0333

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

CVE-2017-0503

Technical details sufficient to assess affected components, root cause, or fixes are not publicly provided in the supplied documents. Please monitor for updates from official vulnerability feeds for CVE-2017-0503.

CVE-2017-0506

An elevation of privilege vulnerability in MediaTek components, including the M4U driver, sound driver, touchscreen driver, GPU driver, and Command Queue driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical...

CVE-2017-0338

CVE-2017-0338 describes an elevation-of-privilege vulnerability in the NVIDIA GPU driver affecting Android devices with Kernel-3.18. A local malicious application could run code in the kernel context, leading to a potentially permanent device compromise that may require reflashing the OS. Exploit...

CVE-2016-8479

An elevation of privilege vulnerability in the Qualcomm GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

CVE-2017-0504

CVE-2017-0504 is an elevation-of-privilege vulnerability in MediaTek components used by Android, including the M4U, sound, touchscreen, GPU, and Command Queue drivers. The flaw could let a local malicious app execute arbitrary code within the kernel, potentially leading to a permanent device comp...

CVE-2017-0505

CVE-2017-0505 is an elevation-of-privilege issue in MediaTek components (M4U, sound, touchscreen, GPU, and Command Queue drivers) for Android. A local attacker could execute arbitrary code in the kernel context. The 2017-03 Android bulletin lists CVE-2017-0505 with Android ID A-31822282 and notes...

CVE-2017-0336

CVE-2017-0336 is an information-disclosure flaw affecting the NVIDIA GPU driver on Android (Kernel-3.18). A local malicious app could access data outside its permission levels. The vulnerability is described as high-severity in the Android bulletin, with patches released as part of the 2017-03-01...

CVE-2017-0333

CVE-2017-0333 : An elevation of privilege in the NVIDIA GPU driver could allow a local malicious Android process to run arbitrary code in the kernel context on devices with Kernel-3.18. This could lead to a local permanent compromise and may require reflashing the OS to repair the device. The pro...

CVE-2017-0337

CVE-2017-0337 describes a local privilege-escalation in the NVIDIA GPU driver affecting Android on Kernel-3.18. The vulnerability could let a local malicious process execute code in kernel context, potentially enabling a permanent device compromise that might require a OS reflashing to repair. Th...

CVE-2017-0307

Summary (CVE-2017-0307) : A vulnerability in the NVIDIA Tegra kernel DRM driver can trigger an integer overflow while calculating memory to allocate, causing a smaller-than-needed allocation and a potential buffer overflow. This may lead to denial of service or possible privilege escalation withi...

CVE-2017-0307

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...

CVE-2017-0334

CVE-2017-0334 is an information-disclosure vulnerability in the NVIDIA GPU driver affecting Android on kernel 3.18 (Android ID A-33245849) where a local malicious app could access data outside its permission levels. The provided documents state the issue is an information disclosure with high imp...

CVE-2017-0500

CVE-2017-0500 is an elevation of privilege vulnerability in MediaTek components used in Android, affecting multiple kernel drivers (M4U, sound, touchscreen, GPU, Command Queue). The issue could let a local malicious app execute arbitrary code in the kernel context. Exploitation is local and requi...

CVE-2017-0501

CVE-2017-0501 : Elevation of privilege in MediaTek components (including M4U, sound, touchscreen, GPU, and Command Queue drivers) could allow a local malicious app to execute arbitrary code in the kernel context on Android. The vulnerability is rated Critical due to potential permanent device com...

CVE-2017-0335

CVE-2017-0335 affects the NVIDIA GPU driver on Android (Kernel-3.18) with a local elevation of privilege that could allow a malicious app to execute code in the kernel. Public details in the Android 2017-03-01/03-05 security bulletins indicate this vulnerability is addressed by patches delivered ...

SUSE SLED12 / SLES12 Security Update : qemu (SUSE-SU-2017:0625-1)

This update for qemu fixes several issues. These security issues were fixed : - CVE-2017-5898: The CCID Card device emulator support was vulnerable to an integer overflow flaw allowing a privileged user to crash the Qemu process on the host resulting in DoS bsc1023907. - CVE-2017-5857: The Virtio...

CVE-2017-0333

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the...