EUVD-2017-18622

Malware in sbrugna...

EUVD-2017-6374

Malware in sbrugna...

CVE-2017-9691

There is a race condition in Android for MSM, Firefox OS for MSM, and QRD Android that allows to access to already free'd memory in the debug message output functionality contained within the mobicore driver...

Race condition

There is a race condition in Android for MSM, Firefox OS for MSM, and QRD Android that allows to access to already free'd memory in the debug message output functionality contained within the mobicore driver...

CVE-2017-9691

There is a race condition in Android for MSM, Firefox OS for MSM, and QRD Android that allows to access to already free'd memory in the debug message output functionality contained within the mobicore driver...

CVE-2017-9691

CVE-2017-9691 is a Qualcomm MobiCore (Trustonic) driver issue via a race condition in the debug message output path on Android devices (MSM, Firefox OS for MSM, QRD Android). The vulnerability allows access to already freed memory, exposing potential confidentiality impact. The connected document...

Google Android Qualcomm component elevation of privilege vulnerability (CNVD-2017-36518)

Android is a free and open source Linux-based operating system led and developed by Google Inc. and the Open Handset Alliance. An elevation of privilege vulnerability exists in the Qualcomm component of the Google Android GUD mobicore driver. An attacker can exploit this vulnerability to achieve...

Memory corruption

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a memory allocation without a length field validation in the mobicore driver which can result in an undersize buffer allocation. Ultimately this can result in a kernel memory...

CVE-2017-14896

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a memory allocation without a length field validation in the mobicore driver which can result in an undersize buffer allocation. Ultimately this can result in a kernel memory...

In-depth analysis of TIMA any kernel module authentication bypass vulnerability-vulnerability warning-the black bar safety net

In order to ensure that the Android device in Linux kernel the integrity of the, Samsung introduced a named“lkmauth”function. This function was originally designed to ensure that only the Samsung-approved those that the kernel module can only be loaded into the Linux kernel. TIMA any kernel modul...

TIMA Arbitrary Kernel Module Verification Bypass Vulnerability

Samsung's lkmauth feature suffers from a kernel module verification bypass vulnerability. TIMA Arbitrary Kernel Module Verification Bypass In order to ensure the integrity of the Linux Kernel on Android devices, Samsung has introduced a feature called "lkmauth". This feature is meant to make sure...

Samsung Devices KNOX Extensions - OTP TrustZone Trustlet Stack Buffer Overflow Exploit

Exploit for Android platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=938 As a part of the KNOX extensions available on Samsung devices, Samsung provides a TrustZone trustlet which allows the generation of OTP tokens. The tokens themselves are...