Vulnerabilities > Google > Android > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-30 | CVE-2017-15846 | NULL Pointer Dereference vulnerability in Google Android In the video_ioctl2() function in the camera driver in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-09-16, an untrusted pointer dereference may potentially occur. | 7.8 |
| 2018-03-30 | CVE-2017-15826 | Double Free vulnerability in Google Android Due to a race condition in MDSS rotator in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-20, a double free vulnerability may potentially exist when two threads free the same perf structures. | 7.8 |
| 2018-03-30 | CVE-2017-15823 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In spectral_create_samp_msg() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-11, some values from firmware are not properly validated potentially leading to a buffer overflow. | 7.8 |
| 2018-03-30 | CVE-2017-14892 | Improper Input Validation vulnerability in Google Android In the function msm_pcm_hw_params() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-09-19, the return value of q6asm_open_shared_io() is not checked properly potentially leading to a possible dangling pointer access. | 7.8 |
| 2018-03-30 | CVE-2017-14875 | Information Exposure vulnerability in Google Android In the handler for the ioctl command VIDIOC_MSM_ISP_DUAL_HW_LPM_MODE in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-05-23, a heap overread vulnerability exists. | 7.5 |
| 2018-03-30 | CVE-2017-11087 | Information Exposure vulnerability in Google Android libOmxVenc in Android for MSM, Firefox OS for MSM, and QRD Android copies the output buffer to an application with the "filled length", which is larger than the output buffer's actual size, leading to an information disclosure problem in the context of mediaserver. | 7.5 |
| 2018-03-16 | CVE-2018-3561 | Use After Free vulnerability in Google Android In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition in diag_ioctl_lsm_deinit() leads to a Use After Free condition. | 7.0 |
| 2018-03-16 | CVE-2018-3560 | Double Free vulnerability in Google Android In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a Double Free vulnerability exists in Audio Driver while opening a sound compression device. | 7.8 |
| 2018-03-16 | CVE-2017-18066 | Use After Free vulnerability in Google Android In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper controls in MSM CORE leads to use memory after it is freed in msm_core_ioctl(). | 7.8 |
| 2018-03-16 | CVE-2017-18065 | Improper Input Validation vulnerability in Google Android In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for vent->vdev_id in wma_action_frame_filter_mac_event_handler(), which is received from firmware, leads to arbitrary code execution. | 7.8 |