Vulnerabilities > Google > Android > 6.0.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-02-07 | CVE-2016-0810 | Permissions, Privileges, and Access Controls vulnerability in Google Android media/libmedia/SoundPool.cpp in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 mishandles locking requirements, which allows attackers to gain privileges via a crafted application, as demonstrated by obtaining Signature or SignatureOrSystem access, aka internal bug 25781119. | 6.9 |
| 2016-02-07 | CVE-2016-0809 | Permissions, Privileges, and Access Controls vulnerability in Google Android 6.0/6.0.1 Use-after-free vulnerability in the wifi_cleanup function in bcmdhd/wifi_hal/wifi_hal.cpp in Wi-Fi in Android 6.x before 2016-02-01 allows attackers to gain privileges by leveraging access to the local physical environment during execution of a crafted application, aka internal bug 25753768. | 8.3 |
| 2016-02-07 | CVE-2016-0808 | Data Processing Errors vulnerability in Google Android Integer overflow in the getCoverageFormat12 function in CmapCoverage.cpp in the Minikin library in Android 5.x before 5.1.1 LMY49G and 6.x before 2016-02-01 allows attackers to cause a denial of service (continuous rebooting) via an application that triggers loading of a crafted TTF font, aka internal bug 25645298. | 4.9 |
| 2016-02-07 | CVE-2016-0807 | Permissions, Privileges, and Access Controls vulnerability in Google Android 6.0/6.0.1 The get_build_id function in elf_utils.cpp in Debuggerd in Android 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application that mishandles a Desc Size element in an ELF Note, aka internal bug 25187394. | 7.2 |
| 2016-02-07 | CVE-2016-0806 | Permissions, Privileges, and Access Controls vulnerability in Google Android The Qualcomm Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application, aka internal bug 25344453. | 7.2 |
| 2016-02-07 | CVE-2016-0805 | Permissions, Privileges, and Access Controls vulnerability in Google Android The performance event manager for Qualcomm ARM processors in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application, aka internal bug 25773204. | 7.2 |
| 2016-02-07 | CVE-2016-0804 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android The NuPlayer::GenericSource::notifyPreparedAndCleanup function in media/libmediaplayerservice/nuplayer/GenericSource.cpp in mediaserver in Android 5.x before 5.1.1 LMY49G and 6.x before 2016-02-01 improperly manages mDrmManagerClient objects, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file, aka internal bug 25070434. | 10.0 |
| 2016-02-07 | CVE-2016-0803 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android libstagefright in mediaserver in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted media file that triggers a large memory allocation in the (1) SoftMPEG4Encoder or (2) SoftVPXEncoder component, aka internal bug 25812794. | 10.0 |
| 2016-02-07 | CVE-2016-0802 | Improper Input Validation vulnerability in multiple products The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets, aka internal bug 25306181. | 8.3 |
| 2016-02-07 | CVE-2016-0801 | Improper Input Validation vulnerability in multiple products The Broadcom Wi-Fi driver in the kernel in Android 4.x before 4.4.4, 5.x before 5.1.1 LMY49G, and 6.x before 2016-02-01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted wireless control message packets, aka internal bug 25662029. | 8.3 |