Vulnerabilities > Google > Android > Critical

DATE CVE VULNERABILITY TITLE RISK
2017-08-18 CVE-2015-9034 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a string can fail to be null-terminated in SIP leading to a buffer overflow.
network
low complexity
google CWE-119
critical
9.8
2017-08-18 CVE-2015-9035 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a memory buffer fails to be freed after it is no longer needed potentially resulting in memory exhaustion.
network
low complexity
google CWE-119
critical
9.8
2017-08-18 CVE-2015-9036 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, an incorrect length is used to clear a memory buffer resulting in adjacent memory getting corrupted.
network
low complexity
google CWE-119
critical
9.8
2017-08-18 CVE-2015-9037 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer over-read may occur in the processing of a downlink 3G NAS message.
network
low complexity
google CWE-119
critical
9.8
2017-08-18 CVE-2015-9038 NULL Pointer Dereference vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer may be dereferenced in the front end.
network
low complexity
google CWE-476
critical
9.8
2017-08-18 CVE-2015-9039 Improper Input Validation vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in eMBMS where an assertion can be reached by a sequence of downlink messages.
network
low complexity
google CWE-20
critical
9.8
2017-08-18 CVE-2015-9040 Improper Access Control vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a vulnerability exists in a GERAN API.
network
low complexity
google CWE-284
critical
9.8
2017-08-18 CVE-2015-9041 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists when performing WCDMA radio tuning.
network
low complexity
google CWE-119
critical
9.8
2017-08-18 CVE-2015-9042 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists when processing a QMI message.
network
low complexity
google CWE-119
critical
9.8
2017-08-18 CVE-2015-9043 NULL Pointer Dereference vulnerability in Google Android
In all Qualcomm products with Android releases from CAF using the Linux kernel, a NULL pointer can be dereferenced upon the expiry of a timer.
network
low complexity
google CWE-476
critical
9.8