Vulnerabilities > Google > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-09-21 | CVE-2017-8280 | Missing Release of Resource after Effective Lifetime vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, during the wlan calibration data store and retrieve operation, there are some potential race conditions which lead to a memory leak and a buffer overflow during the context switch. | 7.0 |
| 2017-09-21 | CVE-2017-8278 | Classic Buffer Overflow vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, while reading audio data from an unspecified driver, a buffer overflow or integer overflow could occur. | 7.8 |
| 2017-09-21 | CVE-2017-8277 | Use After Free vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, in the function msm_dba_register_client, if the client registers failed, it would be freed. | 7.8 |
| 2017-09-21 | CVE-2017-8251 | Improper Validation of Array Index vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, in functions msm_isp_check_stream_cfg_cmd & msm_isp_stats_update_cgc_override, 'stream_cfg_cmd->num_streams' is not checked, and could overflow the array stream_cfg_cmd->stream_handle. | 7.8 |
| 2017-09-21 | CVE-2017-8250 | Integer Overflow or Wraparound vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, user controlled variables "nr_cmds" and "nr_bos" number are passed across functions without any check. | 7.8 |
| 2017-09-21 | CVE-2017-8247 | Resource Exhaustion vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, if there is more than one thread doing the device open operation, the device may be opened more than once. | 7.8 |
| 2017-09-21 | CVE-2017-11041 | Unspecified vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, an output buffer is accessed in one thread and can be potentially freed in another. | 7.8 |
| 2017-09-21 | CVE-2017-11000 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, in an ISP Camera kernel driver function, an incorrect bounds check may potentially lead to an out-of-bounds write. | 7.8 |
| 2017-09-21 | CVE-2017-10999 | Unspecified vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, concurrent calls into ioctl RMNET_IOCTL_ADD_MUX_CHANNEL in ipa wan driver may lead to memory corruption due to missing locks. | 7.8 |
| 2017-09-21 | CVE-2017-10998 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, in audio_aio_ion_lookup_vaddr, the buffer length, which is user input, ends up being used to validate if the buffer is fully within the valid region. | 7.8 |