CVE-2014-9940

The regulator_ena_gpio_free function in drivers/regulator/core.c in the Linux kernel before 3.19 allows local users to gain privileges or cause a denial of service (use-after-free) via a crafted application.

CVE-2015-9004

kernel/events/core.c in the Linux kernel before 3.19 mishandles counter grouping, which allows local users to gain privileges via a crafted application, related to the perf_pmu_register and perf_event_open functions.

CVE-2017-8244

In core_info_read and inst_info_read in all Android releases from CAF using the Linux kernel, variable "dbg_buf", "dbg_buf->curr" and "dbg_buf->filled_size" could be modified by different threads at the same time, but they are not protected with mutex or locks. Buffer overflow is possible on ...

CVE-2016-10276

An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the o...

CVE-2017-0604

An elevation of privilege vulnerability in the kernel Qualcomm power driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflash...

CVE-2017-0620

An elevation of privilege vulnerability in the Qualcomm Secure Channel Manager driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Ver...

CVE-2017-0625

An information disclosure vulnerability in the MediaTek command queue driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it could be used to access sensitive data without explicit user permission. Product: Android. ...

CVE-2017-8246

In function msm_pcm_playback_close() in all Android releases from CAF using the Linux kernel, prtd is assigned substream->runtime->private_data. Later, prtd is freed. However, prtd is not sanitized and set to NULL, resulting in a dangling pointer. There are other functions that access the sam...

CVE-2014-9931

A buffer overflow vulnerability in all Android releases from CAF using the Linux kernel can potentially occur if an OEM performs an app region size customization due to a hard-coded value.

CVE-2017-0331

An elevation of privilege vulnerability in the NVIDIA video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the o...

CVE-2017-0465

An elevation of privilege vulnerability in the Qualcomm ADSPRPC driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3...

CVE-2017-0594

An elevation of privilege vulnerability in codecs/aacenc/SoftAACEncoder2.cpp in libstagefright in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to...

CVE-2016-10281

An elevation of privilege vulnerability in the MediaTek thermal driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. And...

CVE-2017-0493

An information disclosure vulnerability in File-Based Encryption could enable a local malicious attacker to bypass operating system protections for the lock screen. This issue is rated as Moderate due to the possibility of bypassing the lock screen. Product: Android. Versions: 7.0, 7.1.1. Android I...

CVE-2017-0595

An elevation of privilege vulnerability in libstagefright in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not...

CVE-2014-9936

In TrustZone a time-of-check time-of-use race condition could potentially exist in an authentication routine in all Android releases from CAF using the Linux kernel.

CVE-2016-10275

An elevation of privilege vulnerability in the Qualcomm bootloader could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the o...

CVE-2017-0597

An elevation of privilege vulnerability in Audioserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessib...

CVE-2015-8999

In TrustZone a buffer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel while loading an ELF file.

CVE-2017-0598

An information disclosure vulnerability in the Framework APIs could enable a local malicious application to bypass operating system protections that isolate application data from other applications. This issue is rated as High because it could be used to gain access to data that the application doe...

CVE-2017-0635

A remote denial of service vulnerability in HevcUtils.cpp in libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as Low due to details specific to the vulnerability. Product: Android. Versions: 7.0, 7.1.1, 7.1....

CVE-2017-0591

A remote code execution vulnerability in libavc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaser...

CVE-2017-0602

An information disclosure vulnerability in Bluetooth could allow a local malicious application to bypass operating system protections that isolate application data from other applications. This issue is rated as Moderate due to details specific to the vulnerability. Product: Android. Versions: 4.4....

CVE-2017-0603

A denial of service vulnerability in libstagefright in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as Moderate because it requires an uncommon device configuration. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6...

CVE-2017-8245

In all Android releases from CAF using the Linux kernel, while processing a voice SVC request which is nonstandard by specifying a payload size that will overflow its own declared size, an out of bounds memory copy occurs.

CVE-2014-9934

A PKCS#1 v1.5 signature verification routine in all Android releases from CAF using the Linux kernel may not check padding.

CVE-2017-0592

A remote code execution vulnerability in FLACExtractor.cpp in libstagefright in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution withi...

CVE-2017-0596

An elevation of privilege vulnerability in libstagefright in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not...

CVE-2017-0616

An elevation of privilege vulnerability in the MediaTek system management interrupt driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android...

CVE-2015-1529

Integer overflow in soundtrigger/ISoundTriggerHwService.cpp in Android allows attacks to cause a denial of service via unspecified vectors.

CVE-2015-8995

In TrustZone an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel.

CVE-2015-8998

In TrustZone an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel.

CVE-2015-9002

In TrustZone an out-of-range pointer offset vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel.

CVE-2017-0589

A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediase...

CVE-2017-0615

An elevation of privilege vulnerability in the MediaTek power driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Andro...

CVE-2017-0619

An elevation of privilege vulnerability in the Qualcomm pin controller driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: K...

CVE-2017-0590

A remote code execution vulnerability in libhevc in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediase...

CVE-2017-0599

A remote denial of service vulnerability in libhevc in Mediaserver could enable an attacker to use a specially crafted file to cause a device hang or reboot. This issue is rated as High severity due to the possibility of remote denial of service. Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, ...

CVE-2017-0601

An Elevation of Privilege vulnerability in Bluetooth could potentially enable a local malicious application to accept harmful files shared via bluetooth without user permission. This issue is rated as Moderate due to local bypass of user interaction requirements. Product: Android. Versions: 7.0, 7....

CVE-2014-9935

In TrustZone an integer overflow vulnerability leading to a buffer overflow could potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel.

CVE-2014-9937

In TrustZone a buffer overflow vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel.

CVE-2014-9933

Due to missing input validation in all Android releases from CAF using the Linux kernel, HLOS can write to fuses for which it should not have access.

CVE-2015-9001

In TrustZone an information exposure vulnerability can potentially occur in all Android releases from CAF using the Linux kernel.

CVE-2016-10238

In QSEE in all Android releases from CAF using the Linux kernel access control may potentially be bypassed due to a page alignment issue.

CVE-2017-0587

A remote code execution vulnerability in libmpeg2 in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Medias...

CVE-2015-9000

In TrustZone an untrusted pointer dereference vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel.

CVE-2017-0588

A remote code execution vulnerability in id3/ID3.cpp in libstagefright in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the ...

CVE-2017-0593

An elevation of privilege vulnerability in the Framework APIs could enable a local malicious application to obtain access to custom permissions. This issue is rated as High because it is a general bypass for operating system protections that isolate application data from other applications. Product...

CVE-2015-8996

In TrustZone a time-of-check time-of-use race condition could potentially exist in a QFPROM routine in all Android releases from CAF using the Linux kernel.

CVE-2017-0617

An elevation of privilege vulnerability in the MediaTek video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Andro...