629 matches found
Google Android Qualcomm IPA Driver Elevation of Privilege Vulnerability (CNVD-2018-01111)
Android on Google Pixel and Nexus is a Linux-based open source operating system for the Google Pixel and Nexus smartphones developed by Google and the Open Handset Alliance OHA, of which the Qualcomm IPA driver is a part. Qualcomm IPA driver is one of the IPA drivers developed by Qualcomm. An...
Design/Logic Flaw
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, by calling an IPA ioctl and searching for routing/filer/hdr rule handle from ipaidr pointer using ipaidrfind function, the wrong structure pointer can be returned resulting in a slab ou...
CVE-2017-14879
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, by calling an IPA ioctl and searching for routing/filer/hdr rule handle from ipaidr pointer using ipaidrfind function, the wrong structure pointer can be returned resulting in a slab ou...
CVE-2017-14879
CVE-2017-14879 affects the Qualcomm IPA driver (Android on Google Pixel/Nexus) via an IPA ioctl path that uses ipa_idr_find(), which can return a wrong structure pointer, causing slab out-of-bounds access in the IPA driver. This is listed as Elevation of Privilege (EoP) with a Moderate severity i...
CVE-2017-14879
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, by calling an IPA ioctl and searching for routing/filer/hdr rule handle from ipaidr pointer using ipaidrfind function, the wrong structure pointer can be returned resulting in a slab ou...
ipa-cbc-programme.eu XSS vulnerability
Open Bug Bounty ID: OBB-456878 Description| Value ---|--- Affected Website:| ipa-cbc-programme.eu Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention...
CVE-2017-12169
It was found that IPA could disclose password hashes to users having the 'System: Read Stage Users' permission. A remote, authenticated attacker could potentially use this flaw to disclose the password hashes belonging to Stage Users. This security issue does not result in disclosure of password...
CVE-2017-9687
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, two concurrent threads/processes can write the value of "0" to the debugfs file that controls ipa ipc log which will lead to the double-free in ipclogcontextdestroy. Another issue is th...
CVE-2017-12173
It was found that sssd's sysdbsearchuserbyupnres function did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cached for a given user, an authenticated attacker could use this flaw to retrieve...
Memory corruption
In all Qualcomm products with Android releases from CAF using the Linux kernel, concurrent calls into ioctl RMNETIOCTLADDMUXCHANNEL in ipa wan driver may lead to memory corruption due to missing locks...
CVE-2015-5284
CVE-2015-5284 (FreeIPA) Impact: In FreeIPA versions before 4.2.2, ipa-kra-install stores the CA agent certificate and private key in /etc/httpd/alias/kra-agent.pem with world-readable permissions. This could allow an attacker to access the CA private key and potentially issue certificates (effect...
Google Android Qualcomm IPA Driver Memory Corruption Vulnerability
Android is a Linux-based open source operating system developed by Google and the Open Handheld Alliance OHA, of which the Qualcomm IPA driver is a network gas pedal component. A security vulnerability exists in the Qualcomm IPA driver in Android. A remote attacker could exploit the vulnerability...
Design/Logic Flaw
Userspace-controlled non null terminated parameter for IPA WAN ioctl in all Qualcomm products with Android releases from CAF using the Linux kernel can lead to exposure of kernel memory...
Google Android Qualcomm IPA Driver Elevation of Privilege Vulnerability
Android is a Linux-based open source operating system developed by Google and the Open Handheld Alliance OHA, of which the Qualcomm IPA driver is a network gas pedal component. An elevation of privilege vulnerability exists in the Qualcomm IPA driver in Google Android 7.1.2 and earlier versions. ...
CVE-2017-0746
A elevation of privilege vulnerability in the Qualcomm ipa driver. Product: Android. Versions: Android kernel. Android ID: A-35467471. References: QC-CR2029392...
Virtuozzo 7 : ipa-admintools / ipa-client / ipa-client-common / etc (VZLSA-2017-0001)
An update for ipa is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...
The vulnerability of the Android operating system’s IPA driver allows a hacker to trigger a service failure.
The vulnerability of the Android operating system’s IPA driver is caused by a buffer overflow. Exploiting this vulnerability can allow a remote attacker to cause a service failure...
CVE-2017-8236
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in an IPA driver...
Buffer overflow
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in an IPA driver...
CVE-2017-8236
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in an IPA driver...