Vulnerabilities > Google

DATE CVE VULNERABILITY TITLE RISK
2017-06-13 CVE-2017-7368 Race Condition vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, a race condition potentially exists in the ioctl handler of a sound driver.
network
high complexity
google CWE-362
7.6
7.6
2017-06-13 CVE-2017-7367 Integer Underflow (Wrap or Wraparound) vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, an integer underflow vulnerability exists while processing the boot image.
network
google CWE-191
critical
 9.3
9.3
2017-06-13 CVE-2017-7366 Improper Input Validation vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, a KGSL ioctl was not validating all of its parameters.
network
google CWE-20
4.3
4.3
2017-06-13 CVE-2017-7365 Out-of-bounds Read vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, a buffer overread can occur if a particular string is not NULL terminated.
network
google CWE-125
critical
 9.3
9.3
2017-06-13 CVE-2016-10342 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a syscall handler.
network
google CWE-119
critical
 9.3
9.3
2017-06-13 CVE-2016-10341 Permissions, Privileges, and Access Controls vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, 3rd party TEEs have more privilege than intended.
network
google CWE-264
critical
 9.3
9.3
2017-06-13 CVE-2016-10340 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, an integer underflow leading to buffer overflow vulnerability exists in a syscall handler.
network
google CWE-119
critical
 9.3
9.3
2017-06-13 CVE-2016-10339 Information Exposure vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, HLOS can overwite secure memory or read contents of the keystore.
network
google CWE-200
5.8
5.8
2017-06-13 CVE-2016-10338 Improper Input Validation vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, there was an issue related to RPMB processing.
network
google CWE-20
critical
 9.3
9.3
2017-06-13 CVE-2016-10337 Improper Input Validation vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, some validation of secure applications was not being performed.
network
google CWE-20
4.3
4.3