Vulnerabilities > Google > Android > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-09-18 | CVE-2017-15818 | Integer Overflow or Wraparound vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while loading a user application in qseecom, an integer overflow could potentially occur if the application partition size is rounded up to page_size. | 7.8 |
2018-09-06 | CVE-2018-11263 | Improper Validation of Array Index vulnerability in Google Android In all Android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel, radio_id is received from the FW and is used to access the buffer to copy the radio stats received for each radio from FW. | 8.8 |
2018-09-04 | CVE-2018-11262 | Incorrect Calculation vulnerability in Google Android In Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel while trying to find out total number of partition via a non zero check, there could be possibility where the 'TotalPart' could cross 'GptHeader->MaxPtCnt' and which could result in OOB write in patching GPT. | 7.8 |
2018-07-06 | CVE-2018-5907 | Integer Overflow or Wraparound vulnerability in Google Android Possible buffer overflow in msm_adsp_stream_callback_put due to lack of input validation of user-provided data that leads to integer overflow in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel. | 7.8 |
2018-07-06 | CVE-2018-5886 | Out-of-bounds Read vulnerability in Google Android A pointer in an ADSPRPC command is not properly validated in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android), which can lead to kernel memory being accessed. | 7.5 |
2018-07-06 | CVE-2018-5873 | Use After Free vulnerability in multiple products An issue was discovered in the __ns_get_path function in fs/nsfs.c in the Linux kernel before 4.11. | 7.0 |
2018-07-06 | CVE-2018-5872 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android While parsing over-the-air information elements in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, the use of an out-of-range pointer offset can occur. | 8.0 |
2018-07-06 | CVE-2018-5862 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In __wlan_hdd_cfg80211_vendor_scan() in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, when SCAN_SSIDS and QCA_WLAN_VENDOR_ATTR_SCAN_FREQUENCIES are parsed, a buffer overwrite can potentially occur. | 7.8 |
2018-07-06 | CVE-2018-5859 | Use After Free vulnerability in Google Android Due to a race condition in the MDSS MDP driver in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, a Use After Free condition can occur. | 7.0 |
2018-07-06 | CVE-2018-5858 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In the audio debugfs in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, out of bounds access can occur. | 7.8 |