Vulnerabilities > Google > Android > High

DATE CVE VULNERABILITY TITLE RISK
2018-09-19 CVE-2018-3573 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while relocating kernel images with a specially crafted boot image, an out of bounds access can occur.
local
low complexity
google CWE-119
7.8
2018-09-19 CVE-2018-11904 NULL Pointer Dereference vulnerability in Google Android
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, asynchronous callbacks received a pointer to a callers local variable.
local
low complexity
google CWE-476
7.8
2018-09-19 CVE-2018-11903 Improper Validation of Array Index vulnerability in Google Android
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of length validation check for value received from caller function used as an array index for WMA interfaces can lead to OOB write in WLAN HOST.
local
low complexity
google CWE-129
7.8
2018-09-19 CVE-2018-11902 Improper Validation of Array Index vulnerability in Google Android
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of length validation check for value received from firmware can lead to OOB access in WLAN HOST.
local
low complexity
google CWE-129
7.8
2018-09-19 CVE-2018-11898 Out-of-bounds Read vulnerability in Google Android
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing start bss request from upper layer, out of bounds read occurs if ssid length is greater than maximum.
local
low complexity
google CWE-125
7.8
2018-09-19 CVE-2018-11897 Out-of-bounds Read vulnerability in Google Android
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing diag event after associating to a network out of bounds read occurs if ssid of the network joined is greater than max limit.
local
low complexity
google CWE-125
7.8
2018-09-19 CVE-2018-11895 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper length check Validation in WLAN function can lead to driver writes the default rsn capabilities to the memory not allocated to the frame.
local
low complexity
google CWE-119
7.8
2018-09-19 CVE-2018-11894 Integer Overflow or Wraparound vulnerability in Google Android
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing preferred network offload scan results integer overflow may lead to buffer overflow when large frame length is received from FW.
local
low complexity
google CWE-190
7.8
2018-09-19 CVE-2018-11893 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing vendor scan request, when input argument - length of request IEs is greater than maximum can lead to a buffer overflow.
local
low complexity
google CWE-119
7.8
2018-09-19 CVE-2018-11891 Improper Validation of Array Index vulnerability in Google Android
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check on the length of array while accessing can lead to an out of bound read in WLAN HOST function.
low complexity
google CWE-129
8.8