Vulnerabilities > Google > Android > High

DATE CVE VULNERABILITY TITLE RISK
2018-09-18 CVE-2018-11300 Use After Free vulnerability in Google Android
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, callback executed from the other thread has freed memory which is also used in wlan function and may result in to a "Use after free" scenario.
local
low complexity
google CWE-416
7.8
2018-09-18 CVE-2018-11299 Improper Validation of Array Index vulnerability in Google Android
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, when WLAN FW has not filled the vdev id correctly in stats events then WLAN host driver tries to access interface array without proper bound check which can lead to invalid memory access and as a side effect kernel panic or page fault.
local
low complexity
google CWE-129
7.8
2018-09-18 CVE-2018-11298 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing SET_PASSPOINT_LIST vendor command HDD does not make sure that the realm string that gets passed by upper-layer is NULL terminated.
local
low complexity
google CWE-119
7.8
2018-09-18 CVE-2018-11297 Out-of-bounds Read vulnerability in Google Android
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a buffer over-read can occur In the WMA NDP event handler functions due to lack of validation of input value event_info which is received from FW.
local
low complexity
google CWE-125
7.8
2018-09-18 CVE-2018-11296 Out-of-bounds Write vulnerability in Google Android
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing a message from firmware in WLAN handler, a buffer overwrite can occur.
local
low complexity
google CWE-787
7.8
2018-09-18 CVE-2018-11295 Out-of-bounds Write vulnerability in Google Android
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, WMA handler carries a fixed event data from the firmware to the host .
local
low complexity
google CWE-787
7.8
2018-09-18 CVE-2018-11294 Improper Input Validation vulnerability in Google Android
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, WLAN handler indication from the firmware gets the information for 4 access categories.
low complexity
google CWE-20
8.0
2018-09-18 CVE-2018-11286 Use After Free vulnerability in Google Android
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while accessing global variable "debug_client" in multi-thread manner, Use after free issue occurs
local
low complexity
google CWE-416
7.8
2018-09-18 CVE-2018-11281 Use After Free vulnerability in Google Android
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while calling IPA_IOC_MDFY_RT_RULE IPA IOCTL, header entry is not checked before use.
local
low complexity
google CWE-416
7.8
2018-09-18 CVE-2018-11278 Out-of-bounds Read vulnerability in Google Android
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Venus HW searches for start code when decoding input bit stream buffers.
local
low complexity
google CWE-125
7.1