Vulnerabilities > Google > Android > High

DATE CVE VULNERABILITY TITLE RISK
2017-06-13 CVE-2017-7367 Integer Underflow (Wrap or Wraparound) vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, an integer underflow vulnerability exists while processing the boot image.
local
low complexity
google CWE-191
7.8
2017-06-13 CVE-2017-7365 Out-of-bounds Read vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, a buffer overread can occur if a particular string is not NULL terminated.
local
low complexity
google CWE-125
7.8
2017-06-13 CVE-2016-10342 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a syscall handler.
local
low complexity
google CWE-119
7.8
2017-06-13 CVE-2016-10341 Permissions, Privileges, and Access Controls vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, 3rd party TEEs have more privilege than intended.
local
low complexity
google CWE-264
7.8
2017-06-13 CVE-2016-10340 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, an integer underflow leading to buffer overflow vulnerability exists in a syscall handler.
local
low complexity
google CWE-119
7.8
2017-06-13 CVE-2016-10339 Information Exposure vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, HLOS can overwite secure memory or read contents of the keystore.
local
low complexity
google CWE-200
7.1
2017-06-13 CVE-2016-10338 Improper Input Validation vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, there was an issue related to RPMB processing.
local
low complexity
google CWE-20
7.8
2017-06-13 CVE-2015-9033 Improper Input Validation vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, a QTEE system call fails to validate a pointer.
local
low complexity
google CWE-20
7.8
2017-06-13 CVE-2015-9030 Missing Authentication for Critical Function vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, the Hypervisor API could be misused to bypass authentication.
local
low complexity
google CWE-306
7.8
2017-06-13 CVE-2015-9029 Improper Access Control vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, a vulnerability exists in the access control settings of modem memory.
local
low complexity
google CWE-284
7.8