Vulnerabilities > Google > Android > High

DATE CVE VULNERABILITY TITLE RISK
2018-09-19 CVE-2018-11891 Improper Validation of Array Index vulnerability in Google Android
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check on the length of array while accessing can lead to an out of bound read in WLAN HOST function.
low complexity
google CWE-129
8.3
2018-09-19 CVE-2018-11889 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, when requesting rssi timeout, access invalid memory may occur since local variable 'context' stack data of wlan function is free.
local
low complexity
google CWE-119
7.2
2018-09-19 CVE-2018-11886 Integer Overflow or Wraparound vulnerability in Google Android
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check while calculating the MPDU data length will cause an integer overflow and then to buffer overflow in WLAN function.
local
low complexity
google CWE-190
7.2
2018-09-19 CVE-2018-11883 Improper Validation of Array Index vulnerability in Google Android
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, in policy mgr unit test if mode parameter in wlan function is given an out of bound value it can cause an out of bound access while accessing the PCL table.
local
low complexity
google CWE-129
7.2
2018-09-19 CVE-2018-11878 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, possibility of invalid memory access while processing driver command in WLAN function.
local
low complexity
google CWE-119
7.2
2018-09-18 CVE-2018-11869 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of length validation check for value received from firmware can lead to buffer overflow in WMA handler.
local
low complexity
google CWE-119
7.2
2018-09-18 CVE-2018-11868 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of length validation check for value received from firmware can lead to buffer overflow in nan response event handler.
local
low complexity
google CWE-119
7.2
2018-09-18 CVE-2018-11863 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check of input received from firmware to calculate the length of WMA roam synch buffer can lead to buffer overwrite during memcpy.
local
low complexity
google CWE-119
7.2
2018-09-18 CVE-2018-11860 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a potential buffer over flow could occur while processing the ndp event due to lack of check on the message length.
local
low complexity
google CWE-119
7.2
2018-09-18 CVE-2018-11852 Out-of-bounds Write vulnerability in Google Android
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper check In the WMA API for the inputs received from the firmware and then fills the same to the host structure will lead to OOB write.
local
low complexity
google CWE-787
7.2