Vulnerabilities > Amazon > Fire OS

DATE CVE VULNERABILITY TITLE RISK
2018-10-16 CVE-2018-11019 Argument Injection or Modification vulnerability in Amazon Fire OS 4.5.5.3
kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in Amazon Kindle Fire HD(3rd) Fire OS 4.5.5.3 allows attackers to inject a crafted argument via the argument of an ioctl on device /dev/gcioctl with the command 3221773726 and cause a kernel crash.
network
low complexity
amazon CWE-88
7.5
7.5
2017-04-10 CVE-2015-7292 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Amazon Fire OS
Stack-based buffer overflow in the havok_write function in drivers/staging/havok/havok.c in Amazon Fire OS before 2016-01-15 allows attackers to cause a denial of service (panic) or possibly have unspecified other impact via a long string to /dev/hv.
network
low complexity
amazon CWE-119
critical
 9.8
9.8