EUVD-2018-18028

Malware in sbrugna...

EUVD-2018-18032

Malware in sbrugna...

Google Android OMX parser information disclosure vulnerability

Android is a Linux-based open source operating system from Google and the Open Handheld Alliance OHA. An information disclosure vulnerability exists in Android-11 version OMX parser. The vulnerability stems from the return of raw pointers, which can be exploited by an attacker to cause informatio...

Security Bulletin: Jetson AGX Xavier, TK1, TX1, TX2, and Nano L4T- December 2019

NVIDIA has released a software security update for Jetson AGX Xavier, TK1,TX1, TX2, and Nano in the NVIDIA® Tegra® Linux Driver Package L4T. The update addresses issues that may lead to code execution, denial of service, escalation of privileges, or information disclosure. To protect your system,...

Design/Logic Flaw

NVIDIA Tegra OpenMax driver libnvomx contains a vulnerability in which the software delivers extra data with the buffer and does not properly validated the extra data, which may lead to denial of service or escalation of privileges. Android ID: A-80198474...

Design/Logic Flaw

NVIDIA Tegra OpenMax driver libnvomx contains a vulnerability in which the software does not validate or incorrectly validates input that can affect the control flow or data flow of a program, which may lead to denial of service or escalation of privileges. Android ID: A-70857947...

CVE-2018-6271

NVIDIA Tegra OpenMax driver libnvomx contains a vulnerability in which the software delivers extra data with the buffer and does not properly validated the extra data, which may lead to denial of service or escalation of privileges. Android ID: A-80198474...

CVE-2018-6267

NVIDIA Tegra OpenMax driver libnvomx contains a vulnerability in which the software does not validate or incorrectly validates input that can affect the control flow or data flow of a program, which may lead to denial of service or escalation of privileges. Android ID: A-70857947...

CVE-2018-6271

NVIDIA Tegra OpenMax driver libnvomx contains a vulnerability in which the software delivers extra data with the buffer and does not properly validated the extra data, which may lead to denial of service or escalation of privileges. Android ID: A-80198474...

CVE-2018-6267

CVE-2018-6267 affects NVIDIA’s Tegra OpenMax driver (libnvomx): a missing/incorrect validation of input can affect control or data flow, potentially enabling DoS or elevation of privilege. Public NVIDIA bulletins confirm this CVE is addressed as part of Jetson TX1/TX2 L4T updates; remediation inv...

CVE-2018-6271

CVE-2018-6271 affects NVIDIA Tegra OpenMax driver (libnvomx). The issue arises from delivering extra data with buffers and inadequate validation, enabling potential denial of service or escalation of privileges. Affected products are Jetson TX1/TX2 running Linux for Tegra; NVIDIA lists CVE-2018-6...

CVE-2018-6267

NVIDIA Tegra OpenMax driver libnvomx contains a vulnerability in which the software does not validate or incorrectly validates input that can affect the control flow or data flow of a program, which may lead to denial of service or escalation of privileges. Android ID: A-70857947...

CVE-2018-6271

NVIDIA Tegra OpenMax driver libnvomx contains a vulnerability in which the software delivers extra data with the buffer and does not properly validated the extra data, which may lead to denial of service or escalation of privileges. Android ID: A-80198474...

Security Bulletin: NVIDIA Jetson TX1, Jetson TK1, Jetson TX2, and Tegra K1 L4T Security Updates for Multiple Vulnerabilities

Jetson and Tegra L4T contain vulnerabilities which may lead to denial of service, escalation of privileges, or information disclosure. Go to NVIDIA Product Security. Vulnerability Details The following sections summarize the potential vulnerabilities. Descriptions use CWE™ and risk assessments...

Security Bulletin: NVIDIA SHIELD TV Security Updates for Multiple Vulnerabilities

NVIDIA SHIELD TV security updates for vulnerabilities that may lead to denial of service, information disclosure, or escalation of privileges Vulnerability Details The following sections summarize the potential vulnerabilities. Descriptions use CWE™ and risk assessments follow CVSS. CVE-2017-6282...

Google Android Media framework elevation of privilege vulnerability (CNVD-2018-03093)

Android is a Linux-based open source operating system jointly developed by Google and the Open Handset Alliance OHA. Media framework is one of the frameworks used for multimedia development. A privilege elevation vulnerability exists in the 'OMXNodeInstance::useBuffer' and 'IOMX::freeBuffer'...

Security Bulletin: NVIDIA Shield TV and Tablet contain multiple vulnerabilities

Vulnerability Details The following sections summarize the vulnerabilities. Descriptions use CWE™ and risk assessments follow CVSS. CVE-2016-6790 NVIDIA OpenMax Component contains a vulnerability in LIBNVRM where an input buffer is copied to an output buffer without checking the size of the input...

CVE-2016-2480

The mm-video-v4l2 vidc component in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 does not validate certain OMX parameter data structures, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining...

UBUNTU-CVE-2016-2476

mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-06-01 does not validate OMX buffer sizes, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug...