Vulnerabilities > Google > Android

DATE CVE VULNERABILITY TITLE RISK
2018-03-16 CVE-2017-18062 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, potential buffer overflow can happen when processing UTF event in wma_process_utf_event().
local
low complexity
google CWE-119
7.8
2018-03-16 CVE-2017-18061 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, potential buffer overflow can happen when processing AOA measurement event from WIGIG firmware in wil_aoa_evt_meas().
local
low complexity
google CWE-119
7.8
2018-03-16 CVE-2017-18060 Out-of-bounds Read vulnerability in Google Android
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for resp_event->vdev_id in wma_unified_bcntx_status_event_handler(), which is received from firmware, leads to potential out of bounds memory read.
network
low complexity
google CWE-125
7.5
2018-03-16 CVE-2017-18059 Out-of-bounds Read vulnerability in Google Android
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for vdev id in wma_scan_event_callback(), which is received from firmware, leads to potential out of bounds memory read.
network
low complexity
google CWE-125
7.5
2018-03-16 CVE-2017-18058 Out-of-bounds Read vulnerability in Google Android
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for wow_buf_pkt_len in wma_wow_wakeup_host_event() which is received from firmware leads to potential out of bounds memory read.
network
low complexity
google CWE-125
7.5
2018-03-16 CVE-2017-18057 Out-of-bounds Read vulnerability in Google Android
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for vdev id in wma_nlo_scan_cmp_evt_handler(), which is received from firmware, leads to potential out of bounds memory read.
network
low complexity
google CWE-125
7.5
2018-03-16 CVE-2017-18055 Improper Input Validation vulnerability in Google Android
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for wmi_event->num_vdev_mac_entries in wma_pdev_set_hw_mode_resp_evt_handler(), which is received from firmware, leads to potential buffer overflow.
local
low complexity
google CWE-20
7.8
2018-03-16 CVE-2017-18054 Improper Input Validation vulnerability in Google Android
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for num_vdev_mac_entries in wma_pdev_hw_mode_transition_evt_handler(), which is received from firmware, leads to potential buffer overflow.
local
low complexity
google CWE-20
7.8
2018-03-16 CVE-2017-18053 Out-of-bounds Read vulnerability in Google Android
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for fix_param->vdev_id in wma_p2p_lo_event_handler(), which is received from firmware, leads to potential out of bounds memory read.
network
low complexity
google CWE-125
7.5
2018-03-16 CVE-2017-18052 Out-of-bounds Read vulnerability in Google Android
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for cmpl_params->num_reports, param_buf->desc_ids and param_buf->status in wma_mgmt_tx_bundle_completion_handler(), which is received from firmware, leads to potential out of bounds memory read.
network
low complexity
google CWE-125
7.5