Vulnerabilities > Google > Android

DATE CVE VULNERABILITY TITLE RISK
2017-05-16 CVE-2015-8996 Race Condition vulnerability in Google Android
In TrustZone a time-of-check time-of-use race condition could potentially exist in a QFPROM routine in all Android releases from CAF using the Linux kernel.
local
high complexity
google CWE-362
7.0
2017-05-16 CVE-2015-8995 Integer Overflow or Wraparound vulnerability in Google Android
In TrustZone an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel.
local
low complexity
google CWE-190
7.8
2017-05-16 CVE-2014-9937 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In TrustZone a buffer overflow vulnerability can potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel.
local
low complexity
google CWE-119
7.8
2017-05-16 CVE-2014-9936 Race Condition vulnerability in Google Android
In TrustZone a time-of-check time-of-use race condition could potentially exist in an authentication routine in all Android releases from CAF using the Linux kernel.
local
high complexity
google CWE-362
7.0
2017-05-16 CVE-2014-9935 Integer Overflow or Wraparound vulnerability in Google Android
In TrustZone an integer overflow vulnerability leading to a buffer overflow could potentially occur in a DRM routine in all Android releases from CAF using the Linux kernel.
local
low complexity
google CWE-190
7.8
2017-05-16 CVE-2014-9934 Improper Verification of Cryptographic Signature vulnerability in Google Android
A PKCS#1 v1.5 signature verification routine in all Android releases from CAF using the Linux kernel may not check padding.
local
low complexity
google CWE-347
7.8
2017-05-16 CVE-2014-9933 Improper Input Validation vulnerability in Google Android
Due to missing input validation in all Android releases from CAF using the Linux kernel, HLOS can write to fuses for which it should not have access.
local
low complexity
google CWE-20
7.8
2017-05-16 CVE-2014-9932 Integer Overflow or Wraparound vulnerability in Google Android
In TrustZone, an integer overflow vulnerability can potentially occur in all Android releases from CAF using the Linux kernel due to an improper address range computation.
local
low complexity
google CWE-190
7.8
2017-05-16 CVE-2014-9931 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
A buffer overflow vulnerability in all Android releases from CAF using the Linux kernel can potentially occur if an OEM performs an app region size customization due to a hard-coded value.
local
low complexity
google CWE-119
7.8
2017-05-12 CVE-2017-8246 Use After Free vulnerability in Google Android
In function msm_pcm_playback_close() in all Android releases from CAF using the Linux kernel, prtd is assigned substream->runtime->private_data.
local
low complexity
google CWE-416
7.8