8153 matches found
CVE-2016-3897
CVE-2016-3897 affects Android Wi‑Fi: the WifiEnterpriseConfig.java class’s toString() returns the stored password, enabling information disclosure. Affected: Android 4.x before 4.4.4; 5.0.x before 5.0.2; 5.1.x before 5.1.1; 6.x before 2016-09-01. Root cause: sensitive password data is exposed in ...
CVE-2016-3900
CVE-2016-3900 affects Android’s ServiceManager (cmds/servicemanager/service_manager.c). The flaw in ServiceManager allowed a crafted application to register privileged services, enabling local privilege escalation. Affected: Android 5.0.x before 5.0.2; 5.1.x before 5.1.1; 6.x before 2016-10-01; 7...
CVE-2016-5855
CVE-2016-5855 affects the Qualcomm SPCom driver in Qualcomm AMSS/Android stacks. The root cause is a user‑supplied buffer being cast to a structure without validating the source buffer size, potentially leading to memory corruption or information exposure as described in the CVE entry. Connected ...
CVE-2016-5858
CVE-2016-5858: A vulnerability in the ioctl handler of Qualcomm components used in Android for MSM, Firefox OS for MSM, and QRD Android. If a user supplies a value that is too large, it can cause an out-of-bounds read, leading to potential information disclosure. The description specifies the aff...
CVE-2016-6680
CNVD-2016-09390 describes CVE-2016-6680 as an information disclosure vulnerability in the Qualcomm CORE/HDD WLAN driver (wlan_hdd_wext.c) on Android devices, prior to 2016-10-05, affecting Nexus 5X and Android One. An attacker could obtain sensitive information by inducing a crafted application t...
CVE-2016-6722
CVE-2016-6722 describes an information-disclosure vulnerability in libstagefright within Mediaserver. A local attacker could exploit Mediaserver while processing media to access data outside the application’s permitted scope. Affected Android versions include 4.x before 4.4.4, 5.0.x before 5.0.2,...
CVE-2016-8411
CVE-2016-8411 is a buffer overflow in Android’s QMI QOS TLV processing (qmi_qos_srvc.c). Reported as CRITICAL with CVSSv3 base 9.8, exploitable over network with no user interaction. Affected: Android devices including versions containing qmi_qos_srvc.c. Root cause: buffer overflow while parsing ...
CVE-2017-11048
CVE-2017-11048 affects Qualcomm Video driver in Android on MSM CAF platforms using the Linux kernel. The vulnerability stems from a Use-After-Free in a display driver function, leading to Elevation of Privilege (EoP) on affected devices. Connected sources corroborate the issue as a Qualcomm video...
CVE-2017-13187
CVE-2017-13187 is an information-disclosure vulnerability in the Android media framework (libhevc). Affected products/versions (per sources) include Android 7.0–8.1. The root cause is described as a information disclosure issue in libhevc within the Media framework. Impact is partial confidential...
CVE-2017-13192
CVE-2017-13192 affects Android Media Framework (HEVC decoder) via ihevcd_parse_slice_header.c. The issue arises when a slice address is zero after the first slice, causing an infinite loop in slice header parsing and enabling remote denial of service without user interaction. Affected Android ver...
CVE-2017-13239
CVE-2017-13239 is an information-disclosure vulnerability in Android 8.0’s UI framework (framework UI). Affected product: Android 8.0 on Pixel/Nexus devices; vulnerability in the UI framework could allow an attacker to obtain sensitive information. According to the Pixel security bulletin, the is...
CVE-2017-13264
CVE-2017-13264 affects Android’s media framework, specifically the Avcdec component, across Android 6.0–8.1 (6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1). The Pixel/Android bulletin assigns DoS risk (high) for affected devices and lists versions updated by the 2018-03-05 patch level (AOSP changes add...
CVE-2017-14877
CVE-2017-14877 affects the IPA driver in Android for MSM, Firefox OS for MSM, and QRD Android prior to 2017-08-31. Root cause: there is no mutex lock around allocated memory when processing IOCTLs, enabling a use-after-free if IPA_IOC_QUERY_RT_TBL_INDEX and IPA_IOC_DEL_RT_RULE are issued concurre...
CVE-2017-14879
CVE-2017-14879 affects the Qualcomm IPA driver (Android on Google Pixel/Nexus) via an IPA ioctl path that uses ipa_idr_find(), which can return a wrong structure pointer, causing slab out-of-bounds access in the IPA driver. This is listed as Elevation of Privilege (EoP) with a Moderate severity i...
CVE-2017-14883
CVE-2017-14883 affects Android for MSM, Firefox OS for MSM, and QRD Android prior to 2017-10-18. The issue arises in wma_unified_power_debug_stats_event_handler() when FW command buffer’s param_buf->num_debug_register is near the 32‑bit uint max; the calculation for stats_registers_len may ove...
CVE-2017-14901
CVE-2017-14901 describes a buffer overrun in the Qualcomm WLAN driver within Android for MSM/CAF Linux kernel when handling QCA_NL80211_VENDOR_SUBCMD_SET_TXPOWER_SCALE with a TXPOWER_SCALE attribute of fewer than 1 byte. Affected components include Android devices using CAF/Linux kernel implement...
CVE-2017-15833
CVE-2017-15833 affects Android on MSM builds (and related Firefox OS for MSM, QRD Android) with CAF Linux kernel, where untrusted pointer dereference in update_userspace_power() within the power driver can lead to information exposure. The description consistently links this issue to Qualcomm pow...
CVE-2017-18051
CVE-2017-18051 affects Android for MSM, Firefox OS for MSM, and QRD Android builds based on CAF Linux kernel. The root cause is improper input validation of event->vdev_id in wma_rcpi_event_handler() (received from firmware), which can lead to an out-of-bounds memory read. This vulnerability i...
CVE-2017-18064
CVE-2017-18064 affects Android for MSM, Firefox OS for MSM, and CAF Android builds that use the Linux kernel. The issue is caused by improper input validation for p2p_noa_info in wma_send_bcn_buf_ll() which is obtained from firmware, leading to a potential buffer overflow. The vulnerability is as...
CVE-2017-6287
CVE-2017-6287 affects NVIDIA libnvrm in Android, caused by a missing bounds check that enables an out-of-bounds read and local information disclosure. Multiple sources (NVD, CNVD, Prion/N-CVE references) describe it as a moderate-severity information-disclosure issue in the media framework compon...
CVE-2017-6423
CVE-2017-6423 is an elevation-of-privilege flaw in the Qualcomm Kyro L2 driver within the Android kernel. The vulnerability could allow a local attacker to execute arbitrary code with kernel privileges on affected devices (Pixel and Pixel XL are listed in the Android bulletin). The root cause is ...
CVE-2017-6425
CVE-2017-6425 is an information-disclosure vulnerability in the Qualcomm video driver embedded in the Android kernel. The issue affects Pixel and Pixel XL devices (and is tied to Qualcomm video components) and could allow a local attacker to access data outside of normal permission boundaries. Th...
CVE-2017-8233
CVE-2017-8233 : This vulnerability affects Android CAF camera driver code on all CAF Android releases using the Linux kernel. The issue is a missing bounds check when writing into an array, which can lead to an out-of-bounds heap write. The provided documents do not specify affected product versi...
CVE-2017-8271
CVE-2017-8271 describes an out-of-bounds memory write in the MDSS Rotator driver used by Qualcomm components on Android CAF builds using the Linux kernel. The issue arises from an unsanitized userspace-controlled parameter, enabling a local attacker to cause memory corruption. The CVSS indicates ...
CVE-2017-8272
CVE-2017-8272 affects Qualcomm components in Android CAF builds using the Linux kernel. In a driver function, a value supplied from userspace is not properly validated, potentially causing an out-of-bounds heap write. The vulnerability is described as a kernel-level issue with the potential for m...
CVE-2017-9703
CVE-2017-9703 is a race condition in a Camera driver on Android for MSM, Firefox OS for MSM, and QRD Android (CAF Linux kernel). This Use-After-Free vulnerability is rated CVSS v3.0 base score 7.0 (HIGH) with LOCAL attack vector, high impact on confidentiality, integrity, and availability; CVSS v...
CVE-2017-9705
CVE-2017-9705 affects Android for MSM, Firefox OS for MSM, and QRD Android builds using CAF Linux kernel, where the G-Link PKT driver’s concurrent rx notifications and read() operations can trigger a double-free due to missing locking. This can cause list_del() and list_add() to overlap and corru...
CVE-2017-9722
CVE-2017-9722 affects Android for MSM, Firefox OS for MSM, and QRD Android builds using CAF Linux kernels. The vulnerability arises when updating a custom EDID (hdmi_tx_sysfs_wta_edid) and the edid_size (controlled by userspace) is too large, causing a buffer overflow. Connected documents corrobo...
CVE-2018-11273
The CVE-2018-11273 entry describes a double-free in voice_svc_dev when CAF’s Linux kernel device allocation hits cdev_alloc_err and device_destroy frees all resources. Affected are Android for MSM, Firefox OS for MSM, and QRD Android builds using CAF’s kernel. The root cause is that voice_svc_dev...
CVE-2018-11274
CVE-2018-11274 is documented in the Pixel Security Bulletin under Qualcomm components (Audio). The entry classifies it as a moderate-impact audio buffer overflow affecting Qualcomm Audio; no exploitation details are provided in the supplied documents. The bulletin notes security patch levels of 2...
CVE-2018-11286
CVE-2018-11286 pertains to CAF-based Android releases (Android for MSM, Firefox OS for MSM, QRD Android) running the Linux kernel, where a use-after-free occurs when accessing the global variable debug_client in a multi-threaded context. The issue is a memory-management bug in the kernel-componen...
CVE-2018-11295
The CVE-2018-11295 issue affects Qualcomm WLAN Host in Android on Pixel/Nexus devices, tied to the CAF Linux kernel WMA handler where a fixed event data length from firmware can trigger an out-of-bounds write if length fields exceed the maximum. The Android Pixel bulletin lists CVE-2018-11295 und...
CVE-2018-11298
CVE-2018-11298 concerns a buffer overflow in Qualcomm WLAN Host within Android CAF builds using the Linux kernel. During processing of the SET_PASSPOINT_LIST command, the realm string passed from upper layers is not guaranteed to be NULL terminated, allowing strlen to determine its length and con...
CVE-2018-11895
CVE-2018-11895 involves Qualcomm WLAN HOST components in Android CAF/linux-based WLAN stack. The available documents indicate a root cause of an improper length check in a WLAN function, which can cause the driver to write the default RSN capabilities into memory not allocated for the frame. The ...
CVE-2018-11903
CVE-2018-11903 affects CAF Android builds (Android for MSM, Firefox OS for MSM, QRD Android) that use the Linux kernel. The vulnerability arises from a lack of length validation for a value received from a caller function that is used as an index into WMA interfaces, enabling an out-of-bounds wri...
CVE-2018-11919
Technical details (affected products, root cause, impact, and fixes) are not publicly available in the provided documents. Monitor for updates.
CVE-2018-11962
CVE-2018-11962 affects Qualcomm audio components. The issue is a Use-After-Free in the heap during loading of audio effects config in the audio effects factory. It is a local (LOCAL) vulnerability with low attack complexity and requires no user interaction, per CVSS data (AV:L, AC:L, PR:L, UI:N, ...
CVE-2018-11963
CVE-2018-11963 affects Android platforms based on CAF’s Linux kernel, with the issue localized to the camera JPEG driver. The root cause is a buffer overread caused by non-null terminated strings during processing of vsprintf, potentially enabling a local attacker with access to expose or corrupt...
CVE-2018-11983
CVE-2018-11983 affects Android releases (Android for MSM, Firefox OS for MSM, QRD Android) built on CAF’s Linux kernel. The vulnerability is a kernel memory-management error where code accesses freed mask pointers after reallocating memory for a mask table, constituting a fault in the kernel’s ha...
CVE-2018-21059
The CVE-2018-21059 entry describes an information-disclosure issue on Samsung mobile devices running Android N (7.x) and O (8.x). Clipboard content is visible in the locked state via the emergency contact picker, exposing potentially sensitive data. Samsung’s internal identifier SVE-2018-11806 is...
CVE-2018-21060
Technical details about CVE-2018-21060 are not publicly provided in the supplied documents. Monitor for updates. The records reiterate a Samsung keyboard-leak issue but do not specify affected components, versions, or fixes.
CVE-2018-21061
CVE-2018-21061 affects Samsung mobile devices running N(7.1) and O(8.x). The issue allows a counterfeit/“fake” charger to execute critical functions while the device is locked, enabling partial confidentiality, integrity, and availability impacts as indicated in CVSS vectors. The problem is descr...
CVE-2018-3561
CVE-2018-3561 is a Qualcomm Diagchar-related issue affecting Android on MSM devices. The root cause is a race condition in diag_ioctl_lsm_deinit() that leads to a Use-After-Free condition. The vulnerability is characterized as Elevation of Privilege (EoP) with local access requirements and high i...
CVE-2018-3574
CVE-2018-3574 describes a vulnerability in CAF Android kernel userspace cache maintenance for ION buffers where the ION_FLAG_SECURE flag is not set, causing the kernel to perform cache maintenance on memory that does not belong to HLOS. The provided sources (NVD entry and Debian/Ubuntu security t...
CVE-2018-3578
CVE-2018-3578 is a heap overflow in the Qualcomm WLAN component caused by a type mismatch for ie_len, leading Android CAF/Linux kernel builds to allocate insufficient heap memory. The issue is described as a local vulnerability with HIGH impact (CVSS3: LOCAL, LOW complexity, NO privileges, USER i...
CVE-2018-3587
CVE-2018-3587 is tied to the Qualcomm qcacld-2.0 WLAN driver in Android CAF builds, where a Use-After-Free in a firmware memory dump feature can lead to Elevation of Privilege (EoP). The NVD listing shows a CVSS v3 base score of 7.8 (HIGH) with LOCAL attack vector, low complexity, and privileges ...
CVE-2018-3599
CVE-2018-3599 is a Use-After-Free in Qualcomm Core Services affecting Qualcomm Android for MSM/CAF-based Android builds (Linux kernel pre-2018-04-05 patch). The issue occurs when notifying a DCI client, enabling EoP with high/critical impact per the Android Pixel bulletin. Mitigation is to apply ...
CVE-2018-5863
CVE-2018-5863 is a buffer overflow in WLAN HOST caused by an overly large WPA RSN IE length processed by wlan_hdd_cfg80211_set_ie(). Affected are Android releases (Android for MSM, Firefox OS for MSM, QRD Android) provided by CAF on the Linux kernel. The description confirms a memory corruption v...
CVE-2018-5893
CVE-2018-5893 is a buffer overwrite in the Qualcomm WLAN driver (htt_t2h_msg_handler_fast()) within Android CAF/Linux kernel for MSM devices. Root cause: buffer overwrite during firmware message processing. Affected: Qualcomm WLAN component in Android on CAF Android for MSM, Firefox OS for MSM, Q...
CVE-2018-5896
CVE-2018-5896 affects Android CAF builds using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) prior to the 2018-06-05 security patch level. The issue is a kernel panic caused by an out-of-bounds read from not checking the source buffer length against the packet stream length ...