8153 matches found
CVE-2017-18066
CVE-2017-18066 affects Android for MSM, Firefox OS for MSM, and QRD Android builds with CAF Linux kernels. The issue is a use-after-free in msm_core_ioctl(), a memory-management bug in MSM CORE, leading to potential elevation of privilege or other memory-corruption impacts. The CVSS data (3.0) in...
CVE-2017-18656
CVE-2017-18656 describes a buffer over-read in a trustlet on Samsung mobile devices running M(6.0) and N(7.x). Affected component is the trustlet; root cause is a buffer over-read. The issue has been reported across multiple sources (NVD, Red Hat CVE page, CVE records) with the Samsung ID SVE-201...
CVE-2017-18661
CVE-2017-18661: A buffer overflow in Samsung mobile devices (Android M/6.0 and N/7.x) process_cipher_tdea; Samsung ID SVE-2017-8973. Documents provide the flaw but do not specify exploit vectors, affected firmware versions, or a patch/fix. No exploitation details are present in the provided sourc...
CVE-2017-18666
CVE-2017-18666 affects Samsung mobile devices running Android versions from KK (4.4) through N (7.x). The issue allows applications to send arbitrary premium SMS messages due to a vulnerability in the device software (Samsung ID SVE-2017-8701). Impact is that apps could incur charges by sending p...
CVE-2017-18669
CVE-2017-18669 affects Samsung mobile devices running N(7.x) software. The issue is caused by Persona exposing an unprotected API that allows launching any activity with system privileges, enabling privilege escalation from a normal user to a system-level operation. Root cause: unprotected API ex...
CVE-2017-18686
This CVE (CVE-2017-18686) affects Samsung mobile devices running M(6.0) and N(7.0). The issue is information disclosure through broadcasting an unprotected intent, allowing contact information to leak to a log file. The Samsung internal ID is SVE-2016-7180 (February 2017). Publicly documented imp...
CVE-2017-18688
CVE-2017-18688 affects Samsung mobile devices running L(5.1), M(6.0), and N(7.0). The issue is an information disclosure through reading memory locations outside a buffer via the device node /dev/dsm_ctrl_dev. Connected Red Hat/other records repeat this description and map it to Samsung ID SVE-20...
CVE-2017-18689
The CVE-2017-18689 issue affects Samsung mobile devices running M(6.0) and N(7.0) on Exynos5433/7420/7870 chipsets. A attacker can bypass the Kernel Module (ko) signature by modifying the count of kernel modules, enabling loading unsigned modules. This is described across Red Hat/Samsung CNVD and...
CVE-2017-7365
CVE-2017-7365 is a Qualcomm bootloader elevation-of-privilege issue disclosed in the Android 2017-06-05 bulletin. It is listed as EoP (High) for the Bootloader component; exploitation would yield higher privileges within the kernel/boot context. Patches are provided via Qualcomm AMSS bulletins an...
CVE-2017-8256
CVE-2017-8256 affects Qualcomm components in Android CAF builds using the Linux kernel. The vulnerability is an array bounds issue that can occur when userspace sends more than 16 multicast addresses, potentially enabling memory corruption within the kernel. The NVD entry lists CVSS2/3 base score...
CVE-2017-8258
CVE-2017-8258 corresponds to an array out-of-bounds access in the camera driver of Qualcomm components on CAF Android releases using the Linux kernel. The vulnerability affects Qualcomm camera driver access within the kernel space and could potentially be triggered by interactions with the camera...
CVE-2017-8280
CVE-2017-8280 affects Qualcomm WLAN driver in Android CAF builds using the Linux kernel. The issue arises during the wlan calibration data store/retrieve operation, where a race condition can lead to a memory leak and a buffer overflow during context switches. In scope here are Qualcomm products ...
CVE-2017-9687
CVE-2017-9687 involves a race between two concurrent threads/processes in Android for MSM (and related CAF/Linux kernel builds) where they can write the value "0" to a debugfs file that controls ipa ipc log. This can lead to a double-free in ipc_log_context_destroy() and a Use-After-Free when the...
CVE-2017-9701
Technical details about CVE-2017-9701 are not publicly available in the provided connected documents; the information comes from the initial description only. Monitor for updates.
CVE-2017-9721
CVE-2017-9721 describes a buffer overflow in the boot loader when parsing the splash image, affecting Android on MSM (and related CAF-based builds) and related Qualcomm components. The entry notes the vulnerability arises in the splash image parsing path in the boot loader, with CVSS details indi...
CVE-2018-11260
CVE-2018-11260 affects Android CAF WLAN components in Android releases built on the CAF Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android). The issue is described as an integer overflow during processing of an FILS connection request, which can lead to a buffer overflow when the key ...
CVE-2018-11280
CVE-2018-11280 affects Android CAF builds (Linux kernel in Android for MSM, Firefox OS for MSM, QRD Android). The vulnerability arises from missing size validation for NAT entry input during user-space processing, which could allow memory exhaustion when input size exceeds the maximum. Impact is ...
CVE-2018-11296
CVE-2018-11296 is a Qualcomm WLAN Host buffer overflow affecting Android on Pixel/Nexus devices, caused by a buffer overwrite while processing a firmware message in the WLAN handler. The vulnerability is in the Qualcomm WLAN Host within CAF/Linux-based builds. Impact is memory corruption potentia...
CVE-2018-11304
CVE-2018-11304 describes a possible buffer overflow in msm_adsp_stream_callback_put caused by insufficient input validation of user-provided data, leading to an integer overflow across CAF-powered Android releases (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux kernel. The vuln...
CVE-2018-11823
CVE-2018-11823 affects CAF Android releases (Android for MSM, Firefox OS for MSM, QRD Android) based on the Linux kernel. The vulnerability is a double-free in the power module triggered by freeing device memory during driver probe failure. Root cause described as improper memory handling in the ...
CVE-2018-11851
CVE-2018-11851 relates to a buffer-length calculation input validation flaw in CAF Qualcomm WLAN driver components, causing a possible out-of-bounds write to kernel stack. The vulnerability is documented as a local, impactful issue with high severity (NVD CVSS v2/3 vectors indicate LOCAL access, ...
CVE-2018-11852
CVE-2018-11852 affects Qualcomm WLAN host components used in Android (CAF Qualcomm WLAN stack). The vulnerability stems from an improper check in the WMA API for inputs received from firmware, which can cause an out-of-bounds write to the host structure. According to the Pixel security bulletin, ...
CVE-2018-11878
CVE-2018-11878 affects Qualcomm WLAN HOST components in Android CAF/Linux-based WLAN stack. Description: a memory access error during processing of a WLAN driver command could allow a local attacker to exploit (per CVSS metrics: Local access, low complexity, with High impact on confidentiality, i...
CVE-2018-11898
CVE-2018-11898 affects Qualcomm WLAN host components in CAF Android builds (Android for MSM/CAF Linux kernel). The issue is an out-of-bounds read when processing a start BSS request if the SSID length exceeds the maximum, leading to potential memory access violations. The NVD entry and related re...
CVE-2018-11918
CVE-2018-11918 affects CAF Android kernel builds (Android for MSM, Firefox OS for MSM, QRD Android) where memory allocated during probe is released by the kernel on error. The description and connected records confirm the issue resides in the Linux kernel handling of probe failures, with no expli...
CVE-2018-11960
CVE-2018-11960. A use-after-free condition in the Qualcomm HWEngines component (SPS driver) used in CAF Android builds (Linux kernel) can cause kernel errors. Affected context and wording in connected records indicate the issue arises within the SPS driver in Android CAF environments across affec...
CVE-2018-21040
CVE-2018-21040 affects Samsung mobile devices with Exynos 9810 (O(8.x)/P(9.0)). Root cause: race condition leading to a use-after-free in the g2d driver. Impact: high with CVSSv3.1 base score 8.1 (Network, Privileges None, UI None; Confidentiality/Integrity/Availability High). Exploitation status...
CVE-2018-21045
CVE-2018-21045 affects Samsung mobile devices running N(7.x) and O(8.x). The issue is that clipboard data can be accessed while the device is in the lockscreen state via a copy-and-paste action. This is a local exposure of the clipboard contents (no user interaction required), with the impact des...
CVE-2018-21058
CVE-2018-21058 affects Samsung mobile devices running Android 7.0/8.0 on Exynos 7420/8890/8996. The issue enables cache attacks against the Keymaster AES-GCM implementation because T-Tables are used and the Cryptography Extension (CE) is not utilized. Samsung ID: SVE-2018-12761. No exploitation o...
CVE-2018-21065
The CVE-2018-21065 entry concerns an integer underflow in eCryptFS on Samsung mobile devices running Android M/N/O, caused by a missing size check (Samsung ID SVE-2017-11855). Affected products are Samsung mobile devices with M(6.0), N(7.x), and O(8.x) software. The available documents describe t...
CVE-2018-21080
CVE-2018-21080 affects Samsung mobile devices running N(7.x). A physically proximate attacker can use a magnet to activate NFC and bypass the lockscreen (Samsung ID SVE-2017-10897). Exploitation details, affected models/versions, and fixes are not explicitly provided in the connected documents; o...
CVE-2018-5820
CVE-2018-5820 affects Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android on CAF builds using Linux kernel prior to the 2018-04-05 patch level. The issue arises in wma_tbttoffset_update_event_handler(), where a firmware-supplied parameter is used to allocate a local buffer without prope...
CVE-2018-5834
CVE-2018-5834 affects Android CAF WLAN components (Android for MSM, Firefox OS for MSM, QRD Android) via a buffer overwrite in the kernel interface path __wlan_hdd_cfg80211_vendor_scan(). The issue is described as a potential buffer overwrite in CAF Android releases before the 2018-06-05 patch le...
CVE-2018-5840
CVE-2018-5840 is a Buffer Copy without Checking Size of Input in the DRM SDE driver initialization path of Android/Linux kernel (CAF variants). The NVD entry states impact as high (local, user interaction required) with a high both for CVSS3 and CVSS2. Affected component appears in the Qualcomm G...
CVE-2018-5854
CVE-2018-5854 is a stack-based buffer overflow affecting the Qualcomm bootloader used in CAF/Linux-based Android deployments (fastboot). The vulnerability is classified as an Elevation of Privilege (EoP) issue with High/Critical impact, occurring in the bootloader component and enabling local pri...
CVE-2018-5859
CVE-2018-5859 describes a race-condition–driven use-after-free in the MDSS MDP driver used by CAF Android builds on the Linux kernel, prior to the 2018-07-05 patch level. The issue can trigger a Use After Free condition on affected devices (Android for MSM, Firefox OS for MSM, QRD Android). Affec...
CVE-2018-5890
CVE-2018-5890 affects Android CAF builds (Android for MSM, Firefox OS for MSM, QRD Android) where fdt_totalsize of the current device tree is reported as 0, bypassing a check for a valid device tree. Described impact: bypass of device-tree validation before patch level 2018-06-05. Patch level 201...
CVE-2018-5909
CVE-2018-5909 is documented as a buffer overflow affecting the Rotator component in Qualcomm, reported in Android CAF builds. The vulnerability arises from a lack of proper buffer-size checking in display handling code, which may permit memory corruption. The CVE is listed under Qualcomm componen...
CVE-2018-9451
CVE-2018-9451 affects Android, where DynamicRefTable::load in ResourceTypes.cpp has a missing bounds check causing an out-of-bounds read. This leads to local information disclosure without requiring user interaction. Vulnerable Android versions include 6.0–8.1; patch availability is tied to Andro...
CVE-2018-9452
CVE-2018-9452 affects the Android Framework, tied to getOffsetForHorizontal in Layout.java, causing a possible application hang/DoS from wide inputs with hidden Unicode characters. The issue affects Android 7.0–9.0 and requires user interaction for exploitation; patches were issued for the 2018-1...
CVE-2018-9491
CVE-2018-9491 affects Android’s media framework: in NdkMediaCodec.cpp, AMediaCodecCryptoInfo_new may trigger an out-of-bounds write caused by an integer overflow. This could allow remote code execution in external apps with no extra privileges, with user interaction required for exploitation. Aff...
CVE-2018-9499
CVE-2018-9499 affects Android Media framework, stemming from an invalid read in readVector() in iCrypto.cpp (uninitialized data) that could disclose local DRM-server information. Exploitation requires local access and does not require user interaction. Affected Android versions span 7.0–9.0 (Andr...
CVE-2018-9519
CVE-2018-9519 affects Android, specifically the Easel component (easelcomm_hw_build_scatterlist). The issue is a race-condition–driven out-of-bounds write in the kernel that can lead to local escalation of privileges with System privileges required; no user interaction is needed. The available do...
CVE-2018-9522
CVE-2018-9522 refers to an elevation of privilege vulnerability in Android 9 where the serialization functions of StatsLogEventWrapper.java can trigger an out-of-bounds write due to unnecessary functionality. The issue enables local privilege escalation in a privileged system process without extr...
CVE-2018-9537
CVE-2018-9537 affects Google Android 9 (Android-9) and is caused by a missing bounds check in CAacDecoder_DecodeFrame within aacdecode.cpp, leading to a possible out-of-bounds write. The consequence is remote code execution in the media server with no additional execution privileges, requiring us...
CVE-2018-9538
CVE-2018-9538 affects Android (8.1, 9) and relates to V4L2SliceVideoDecodeAccelerator::Dequeue, where an incorrect bounds check enables a possible out-of-bounds read of a function pointer. This could allow local escalation of privilege with no user interaction. The vulnerability is associated wit...
CVE-2018-9543
CVE-2018-9543 affects Android and is described as an information disclosure due to a data wipe issue in trim_device within f2fs_format_utils.c, where the data partition may not be wiped during a factory reset. This could enable local disclosure of information after a factory reset without extra p...
CVE-2018-9548
CVE-2018-9548 affects Android: multiple ContentProvider.java functions allow a permission bypass due to missing URI validation, enabling local information disclosure without user interaction. Vulnerable in Android 7.0–7.1.2, 8.0–8.1, and 9.0. Mitigation is to apply patches from the 2018-12-01/12-...
CVE-2018-9554
The CVE-2018-9554 issue affects Android's IMediaExtractor.cp, specifically in the dumpExtractors path, where a permissions bypass could allow disclosure of recently accessed media files. The underlying impact is local information disclosure without execution privileges, with no user interaction r...
CVE-2018-9570
CVE-2018-9570 affects Android 9 and involves an out-of-bounds write in impd_parse_drc_ext_v1 within impd_drc_dynamic_payload.c. The root cause is missing bounds checking in this function, which could allow remote code execution with a local attacker?no, this CVE entry states remote code execution...