846 matches found
CVE-2016-8448
An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged proce...
CVE-2017-14914
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, handles in the global client structure can become stale.
CVE-2017-15813
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overflow can occur while reading firmware logs.
CVE-2017-6262
NVIDIA driver contains a vulnerability where it is possible a use after free malfunction can occur due to a race condition which could enable unauthorized code execution and possibly lead to elevation of privileges. This issue is rated as high. Product: Android. Version: N/A. Android ID: A-38045794...
CVE-2017-8272
In all Qualcomm products with Android releases from CAF using the Linux kernel, in a driver function, a value from userspace is not properly validated potentially leading to an out of bounds heap write.
CVE-2017-9717
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while parsing Netlink attributes, a buffer overread can occur.
CVE-2017-9722
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when updating custom EDID (hdmi_tx_sysfs_wta_edid), if edid_size, which is controlled by userspace, is too large, a buffer overflow occurs.
CVE-2014-7919
b/libs/gui/ISurfaceComposer.cpp in Android allows attackers to trigger a denial of service (null pointer dereference and process crash).
CVE-2014-9960
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in the PlayReady API.
CVE-2014-9964
In all Android releases from CAF using the Linux kernel, an integer overflow vulnerability exists in debug functionality.
CVE-2014-9977
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in PlayReady DRM.
CVE-2014-9978
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a QTEE service.
CVE-2015-9039
In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in eMBMS where an assertion can be reached by a sequence of downlink messages.
CVE-2015-9046
In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in LTE where an assertion can be reached due to an improper bound on the size of a frequency list.
CVE-2015-9050
In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists where an array out of bounds access can occur during a CA call.
CVE-2015-9055
In all Qualcomm products with Android releases from CAF using the Linux kernel, an assertion was potentially reachable in a memory management routine.
CVE-2016-5858
In an ioctl handler in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, if a user supplies a value too large, then an out-of-bounds read occurs.
CVE-2016-5872
In all Qualcomm products with Android releases from CAF using the Linux kernel, arguments to several QTEE syscalls are not properly validated.
CVE-2017-8233
In a camera driver function in all Android releases from CAF using the Linux kernel, a bounds check is missing when writing into an array potentially leading to an out-of-bounds heap write.
CVE-2017-9708
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the camera driver, the function "msm_ois_power_down" is called without a mutex and a race condition can occur in variable "*reg_ptr" of sub function "msm_camera_config_single_vreg".
CVE-2014-9946
In Core Kernel in all Android releases from CAF using the Linux kernel, a Use After Free vulnerability could potentially exist.
CVE-2014-9947
In TrustZone in all Android releases from CAF using the Linux kernel, an Information Exposure vulnerability could potentially exist.
CVE-2014-9965
In all Android releases from CAF using the Linux kernel, a vulnerability exists in the parsing of an SCM call.
CVE-2015-9021
In all Android releases from CAF using the Linux kernel, access control to SMEM memory was not enabled.
CVE-2015-9052
In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in LTE where an assertion can be reached while processing a downlink message.
CVE-2016-0833
Android allows users to cause a denial of service.
CVE-2016-10239
In TrustZone access control policy may potentially be bypassed in all Android releases from CAF using the Linux kernel due to improper input validation an integer overflow vulnerability leading to a buffer overflow could potentially occur and a buffer over-read vulnerability could potentially occur...
CVE-2016-10242
A time-of-check time-of-use race condition could potentially exist in the secure file system in all Android releases from CAF using the Linux kernel.
CVE-2016-10347
In all Qualcomm products with Android releases from CAF using the Linux kernel, an argument to a hypervisor function is not properly validated.
CVE-2016-2433
The Broadcom Wi-Fi driver for Android, as used by BlackBerry smartphones before Build AAE570, allows remote attackers to execute arbitrary code in the context of the kernel.
CVE-2016-8472
An information disclosure vulnerability in the MediaTek driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: N/A. Android ID: A-3153...
CVE-2017-8253
In all Qualcomm products with Android releases from CAF using the Linux kernel, kernel memory can potentially be overwritten if an invalid master is sent from userspace.
CVE-2015-0574
In all Qualcomm products with Android releases from CAF using the Linux kernel, the validation of filesystem access was insufficient.
CVE-2015-9049
In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in the processing of certain responses from the USIM.
CVE-2016-10337
In all Android releases from CAF using the Linux kernel, some validation of secure applications was not being performed.
CVE-2016-10382
In all Qualcomm products with Android releases from CAF using the Linux kernel, access control to the I2C bus is not sufficient.
CVE-2016-8446
An elevation of privilege vulnerability in MediaTek components, including the thermal driver and video driver, could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged proce...
CVE-2017-8238
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a camera function.
CVE-2017-9718
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition in a multimedia driver can potentially lead to a buffer overwrite.
CVE-2015-9003
In TrustZone a cryptographic issue can potentially occur in all Android releases from CAF using the Linux kernel.
CVE-2015-9060
In all Qualcomm products with Android releases from CAF using the Linux kernel, a pointer is not properly validated in a QTEE system call.
CVE-2016-5862
When a control related to codec is issued from userspace in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, the type casting is done to the container structure instead of the codec's individual structure, resulting in a device restart after kernel crash occurs.
CVE-2015-9038
In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer may be dereferenced in the front end.
CVE-2016-10237
If shared content protection memory were passed as the secure camera memory buffer by the HLOS to a trusted application (TA) in all Android releases from CAF using the Linux kernel, the TA would not detect an issue and it would be treated as secure memory.
CVE-2016-6726
Unspecified vulnerability in Qualcomm components in Android on Nexus 6 and Android One devices.
CVE-2015-9043
In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer can be dereferenced upon the expiry of a timer.