Vulnerabilities > Google
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-06-12 | CVE-2018-3581 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In the WLAN driver in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel, a buffer overwrite can occur if the vdev_id received from firmware is larger than max_bssid. | 4.6 |
| 2018-06-12 | CVE-2018-3579 | Out-of-bounds Read vulnerability in Google Android In the WLAN driver in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel, event->num_entries_in_page is a value received from firmware that is not properly validated which can lead to a buffer over-read | 2.1 |
| 2018-06-12 | CVE-2018-3576 | Improper Validation of Array Index vulnerability in Google Android improper validation of array index in WiFi driver function sapInterferenceRssiCount() leads to array out-of-bounds access in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | 4.6 |
| 2018-06-12 | CVE-2018-3572 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android While processing a DSP buffer in an audio driver's event handler, an index of a buffer is not checked before accessing the buffer in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | 4.6 |
| 2018-06-12 | CVE-2018-3571 | Use After Free vulnerability in Google Android In the KGSL driver in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel, a Use After Free condition can occur when printing information about sparse memory allocations | 4.6 |
| 2018-06-12 | CVE-2017-18070 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In wma_ndp_end_response_event_handler(), the variable len_end_rsp is a uint32 which can be overflowed if the value of variable "event->num_ndp_end_rsp_per_ndi_list" is very large which can then lead to a heap overwrite of the heap object end_rsp in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | 4.6 |
| 2018-06-12 | CVE-2017-15857 | Improper Validation of Array Index vulnerability in Google Android In the camera driver, an out-of-bounds access can occur due to an error in copying region params from user space in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | 4.6 |
| 2018-06-12 | CVE-2017-15854 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android The value of fix_param->num_chans is received from firmware and if it is too large, an integer overflow can occur in wma_radio_chan_stats_event_handler() for the derived length len leading to a subsequent buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | 4.6 |
| 2018-06-12 | CVE-2017-15843 | Race Condition vulnerability in Google Android Due to a race condition in a bus driver, a double free in msm_bus_floor_vote_context() can potentially occur in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | 4.4 |
| 2018-06-12 | CVE-2017-15842 | Use After Free vulnerability in Google Android Buffer might get used after it gets freed due to unlocking the mutex before freeing the buffer in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | 4.6 |