Vulnerabilities > Google > Android > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-09-18 CVE-2018-11273 Double Free vulnerability in Google Android
In all Android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel, 'voice_svc_dev' is allocated as a device-managed resource.
local
low complexity
google CWE-415
4.6
2018-09-18 CVE-2018-11270 Double Free vulnerability in Google Android
In all Android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel, memory allocated with devm_kzalloc is automatically released by the kernel if the probe function fails with an error code.
local
low complexity
google CWE-415
4.6
2018-09-18 CVE-2018-11265 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In all Android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel, a buffer overflow is possible while incrementing the log_buf of type uint64_t in the memcpy function, since the log_buf pointer can access memory beyond the size allotted to store the data after the pointer increment.
local
low complexity
google CWE-119
4.6
2018-09-18 CVE-2017-15828 Integer Overflow or Wraparound vulnerability in Google Android
In all Android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel, while accessing the keystore in LK, an integer overflow vulnerability exists which may potentially lead to a buffer overflow.
local
low complexity
google CWE-190
4.6
2018-09-18 CVE-2017-15825 Out-of-bounds Read vulnerability in Google Android
In all Android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel, while processing a GPT update, an out-of-bounds memory access may potentially occur.
local
low complexity
google CWE-125
4.6
2018-09-06 CVE-2018-11263 Improper Validation of Array Index vulnerability in Google Android
In all Android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel, radio_id is received from the FW and is used to access the buffer to copy the radio stats received for each radio from FW.
low complexity
google CWE-129
5.8
2018-08-07 CVE-2018-5383 Improper Verification of Cryptographic Signature vulnerability in multiple products
Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange, which may allow a remote attacker to obtain the encryption key used by the device.
4.3
2018-07-06 CVE-2018-5886 Out-of-bounds Read vulnerability in Google Android
A pointer in an ADSPRPC command is not properly validated in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android), which can lead to kernel memory being accessed.
network
low complexity
google CWE-125
5.0
2018-07-06 CVE-2018-5862 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In __wlan_hdd_cfg80211_vendor_scan() in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, when SCAN_SSIDS and QCA_WLAN_VENDOR_ATTR_SCAN_FREQUENCIES are parsed, a buffer overwrite can potentially occur.
local
low complexity
google CWE-119
4.6
2018-07-06 CVE-2018-5859 Use After Free vulnerability in Google Android
Due to a race condition in the MDSS MDP driver in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, a Use After Free condition can occur.
local
google CWE-416
4.4