Vulnerabilities > Google

DATE CVE VULNERABILITY TITLE RISK
2017-06-13 CVE-2016-10342 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a syscall handler.
local
low complexity
google CWE-119
7.8
7.8
2017-06-13 CVE-2016-10341 Permissions, Privileges, and Access Controls vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, 3rd party TEEs have more privilege than intended.
local
low complexity
google CWE-264
7.8
7.8
2017-06-13 CVE-2016-10340 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, an integer underflow leading to buffer overflow vulnerability exists in a syscall handler.
local
low complexity
google CWE-119
7.8
7.8
2017-06-13 CVE-2016-10339 Information Exposure vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, HLOS can overwite secure memory or read contents of the keystore.
local
low complexity
google CWE-200
7.1
7.1
2017-06-13 CVE-2016-10338 Improper Input Validation vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, there was an issue related to RPMB processing.
local
low complexity
google CWE-20
7.8
7.8
2017-06-13 CVE-2016-10337 Improper Input Validation vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, some validation of secure applications was not being performed.
local
low complexity
google CWE-20
5.5
5.5
2017-06-13 CVE-2016-10336 7PK - Security Features vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, some regions of memory were not protected during boot.
local
low complexity
google CWE-254
5.5
5.5
2017-06-13 CVE-2016-10335 Improper Access Control vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, libtomcrypt was updated.
local
low complexity
google CWE-284
5.5
5.5
2017-06-13 CVE-2016-10334 Improper Access Control vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, a dynamically-protected DDR region could potentially get overwritten.
local
low complexity
google CWE-284
5.5
5.5
2017-06-13 CVE-2016-10333 Improper Access Control vulnerability in Google Android
In all Android releases from CAF using the Linux kernel, a sensitive system call was allowed to be called by HLOS.
local
low complexity
google CWE-284
5.5
5.5